Total
6585 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11114 | 1 Qualcomm | 2 Ar9344, Ar9344 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in AR9344 | |||||
| CVE-2020-11099 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 6.4 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2. | |||||
| CVE-2020-11098 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 5.8 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2. | |||||
| CVE-2020-11097 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 5.5 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. | |||||
| CVE-2020-11096 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 6.4 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2. | |||||
| CVE-2020-11095 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 5.5 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. | |||||
| CVE-2020-11089 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 6.0 MEDIUM | 3.7 LOW |
| In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. | |||||
| CVE-2020-11088 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 5.5 MEDIUM | 3.1 LOW |
| In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. | |||||
| CVE-2020-11087 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 5.5 MEDIUM | 3.1 LOW |
| In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. | |||||
| CVE-2020-11086 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 5.5 MEDIUM | 3.1 LOW |
| In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0. | |||||
| CVE-2020-11085 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 5.0 MEDIUM | 2.6 LOW |
| In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. | |||||
| CVE-2020-11049 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 3.5 LOW | 5.5 MEDIUM |
| In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. | |||||
| CVE-2020-11048 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 3.5 LOW | 2.2 LOW |
| In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. | |||||
| CVE-2020-11047 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0.0. | |||||
| CVE-2020-11045 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 4.9 MEDIUM | 2.2 LOW |
| In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour. | |||||
| CVE-2020-11043 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 5.0 MEDIUM | 2.2 LOW |
| In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0. | |||||
| CVE-2020-11042 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. This has been patched in 2.0.0. | |||||
| CVE-2020-11040 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 4.0 MEDIUM | 2.2 LOW |
| In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0. | |||||
| CVE-2020-11019 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. | |||||
| CVE-2020-11018 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. | |||||