Vulnerabilities (CVE)

Filtered by vendor Freerdp Subscribe
Total 92 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13398 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 6.5 MEDIUM 8.3 HIGH
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVE-2020-13397 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
CVE-2020-13396 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 5.5 MEDIUM 7.1 HIGH
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
CVE-2020-11526 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 3.5 LOW 2.2 LOW
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11525 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 3.5 LOW 2.2 LOW
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVE-2020-11524 3 Canonical, Freerdp, Opensuse 3 Ubuntu Linux, Freerdp, Leap 2024-11-21 6.0 MEDIUM 6.6 MEDIUM
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11523 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 6.0 MEDIUM 6.6 MEDIUM
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVE-2020-11522 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11521 4 Canonical, Debian, Freerdp and 1 more 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more 2024-11-21 6.0 MEDIUM 6.6 MEDIUM
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11099 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 6.4 MEDIUM 3.5 LOW
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
CVE-2020-11098 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 5.8 MEDIUM 3.5 LOW
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
CVE-2020-11097 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 5.5 MEDIUM 3.5 LOW
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
CVE-2020-11096 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 6.4 MEDIUM 3.5 LOW
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
CVE-2020-11095 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 5.5 MEDIUM 3.5 LOW
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
CVE-2020-11089 3 Debian, Freerdp, Opensuse 3 Debian Linux, Freerdp, Leap 2024-11-21 6.0 MEDIUM 3.7 LOW
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.
CVE-2020-11088 3 Debian, Freerdp, Opensuse 3 Debian Linux, Freerdp, Leap 2024-11-21 5.5 MEDIUM 3.1 LOW
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
CVE-2020-11087 3 Debian, Freerdp, Opensuse 3 Debian Linux, Freerdp, Leap 2024-11-21 5.5 MEDIUM 3.1 LOW
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
CVE-2020-11086 3 Debian, Freerdp, Opensuse 3 Debian Linux, Freerdp, Leap 2024-11-21 5.5 MEDIUM 3.1 LOW
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.
CVE-2020-11085 3 Debian, Freerdp, Opensuse 3 Debian Linux, Freerdp, Leap 2024-11-21 5.0 MEDIUM 2.6 LOW
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
CVE-2020-11058 3 Canonical, Debian, Freerdp 3 Ubuntu Linux, Debian Linux, Freerdp 2024-11-21 3.5 LOW 2.2 LOW
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.