Vendor CVEs
Freerdp
All CVEs
172 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13398 | 0.00 | — | 0.02 | May 22, 2020 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. | |||
| CVE-2020-13397 | 0.00 | — | 0.01 | May 22, 2020 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. | |||
| CVE-2020-11526 | 0.00 | — | 0.02 | May 15, 2020 | libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. | |||
| CVE-2020-11525 | 0.00 | — | 0.02 | May 15, 2020 | libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. | |||
| CVE-2020-11524 | 0.00 | — | 0.02 | May 15, 2020 | libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | |||
| CVE-2020-11523 | 0.00 | — | 0.02 | May 15, 2020 | libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | |||
| CVE-2020-11522 | 0.00 | — | 0.03 | May 15, 2020 | libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | |||
| CVE-2020-11521 | 0.00 | — | 0.02 | May 15, 2020 | libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | |||
| CVE-2020-11058 | 0.00 | — | 0.02 | May 12, 2020 | In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0. | |||
| CVE-2020-11045 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour. | |||
| CVE-2020-11042 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for… | |||
| CVE-2020-11046 | 0.00 | — | 0.01 | May 7, 2020 | In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read. | |||
| CVE-2020-11049 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. | |||
| CVE-2020-11047 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This… | |||
| CVE-2020-11048 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. | |||
| CVE-2020-11044 | 0.00 | — | 0.02 | May 7, 2020 | In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0. | |||
| CVE-2019-17177 | 0.00 | — | 0.03 | Oct 4, 2019 | libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. | |||
| CVE-2019-17178 | 0.00 | — | 0.03 | Oct 4, 2019 | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. | |||
| CVE-2018-1000852 | 0.00 | — | 0.03 | Dec 20, 2018 | FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory..… | |||
| CVE-2018-8789 | 0.00 | — | 0.05 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | |||
| CVE-2014-0250 | 0.00 | — | 0.04 | Nov 16, 2014 | Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | |||
| CVE-2014-0791 | 0.00 | — | 0.02 | Jan 3, 2014 | Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a… |
- CVE-2020-13398May 22, 2020risk 0.00cvss —epss 0.02
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
- CVE-2020-13397May 22, 2020risk 0.00cvss —epss 0.01
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
- CVE-2020-11526May 15, 2020risk 0.00cvss —epss 0.02
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
- CVE-2020-11525May 15, 2020risk 0.00cvss —epss 0.02
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
- CVE-2020-11524May 15, 2020risk 0.00cvss —epss 0.02
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
- CVE-2020-11523May 15, 2020risk 0.00cvss —epss 0.02
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
- CVE-2020-11522May 15, 2020risk 0.00cvss —epss 0.03
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
- CVE-2020-11521May 15, 2020risk 0.00cvss —epss 0.02
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
- CVE-2020-11058May 12, 2020risk 0.00cvss —epss 0.02
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.
- CVE-2020-11045May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour.
- CVE-2020-11042May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for…
- CVE-2020-11046May 7, 2020risk 0.00cvss —epss 0.01
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
- CVE-2020-11049May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.
- CVE-2020-11047May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This…
- CVE-2020-11048May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.
- CVE-2020-11044May 7, 2020risk 0.00cvss —epss 0.02
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
- CVE-2019-17177Oct 4, 2019risk 0.00cvss —epss 0.03
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
- CVE-2019-17178Oct 4, 2019risk 0.00cvss —epss 0.03
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
- CVE-2018-1000852Dec 20, 2018risk 0.00cvss —epss 0.03
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory..…
- CVE-2018-8789Nov 29, 2018risk 0.00cvss —epss 0.05
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
- CVE-2014-0250Nov 16, 2014risk 0.00cvss —epss 0.04
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.
- CVE-2014-0791Jan 3, 2014risk 0.00cvss —epss 0.02
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a…
Page 4 of 4