Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-24882
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions before 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients a...
Freerdp Freerdp
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2.2
CVSSv3
CVE-2020-11049
In FreeRDP after 1.1 and prior to 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.
Freerdp Freerdp
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
5.4
CVSSv3
CVE-2020-11095
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11096
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
5.4
CVSSv3
CVE-2020-11097
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11098
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11099
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
Freerdp Freerdp
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-4030
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2020-4031
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4.3
CVSSv3
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »