Filtered by vendor Freerdp Subscriptions
Filtered by product Freerdp Subscriptions
Total 96 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-4030 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
CVE-2020-15103 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto
CVE-2020-13398 5 Canonical, Debian, Freerdp and 2 more 7 Ubuntu Linux, Debian Linux, Freerdp and 4 more 2024-11-21 8.3 High
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVE-2020-13397 5 Canonical, Debian, Freerdp and 2 more 5 Ubuntu Linux, Debian Linux, Freerdp and 2 more 2024-11-21 5.5 Medium
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
CVE-2020-13396 5 Canonical, Debian, Freerdp and 2 more 5 Ubuntu Linux, Debian Linux, Freerdp and 2 more 2024-11-21 7.1 High
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
CVE-2020-11526 5 Canonical, Debian, Freerdp and 2 more 5 Ubuntu Linux, Debian Linux, Freerdp and 2 more 2024-11-21 2.2 Low
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11525 5 Canonical, Debian, Freerdp and 2 more 5 Ubuntu Linux, Debian Linux, Freerdp and 2 more 2024-11-21 2.2 Low
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVE-2020-11524 4 Canonical, Freerdp, Opensuse and 1 more 6 Ubuntu Linux, Freerdp, Leap and 3 more 2024-11-21 6.6 Medium
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11523 5 Canonical, Debian, Freerdp and 2 more 7 Ubuntu Linux, Debian Linux, Freerdp and 4 more 2024-11-21 6.6 Medium
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVE-2020-11522 5 Canonical, Debian, Freerdp and 2 more 5 Ubuntu Linux, Debian Linux, Freerdp and 2 more 2024-11-21 6.5 Medium
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11521 5 Canonical, Debian, Freerdp and 2 more 7 Ubuntu Linux, Debian Linux, Freerdp and 4 more 2024-11-21 6.6 Medium
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11099 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
CVE-2020-11098 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
CVE-2020-11097 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
CVE-2020-11096 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
CVE-2020-11095 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 3.5 Low
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
CVE-2020-11089 4 Debian, Freerdp, Opensuse and 1 more 4 Debian Linux, Freerdp, Leap and 1 more 2024-11-21 3.7 Low
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.
CVE-2020-11088 4 Debian, Freerdp, Opensuse and 1 more 4 Debian Linux, Freerdp, Leap and 1 more 2024-11-21 3.1 Low
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
CVE-2020-11087 4 Debian, Freerdp, Opensuse and 1 more 4 Debian Linux, Freerdp, Leap and 1 more 2024-11-21 3.1 Low
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
CVE-2020-11086 4 Debian, Freerdp, Opensuse and 1 more 4 Debian Linux, Freerdp, Leap and 1 more 2024-11-21 3.1 Low
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.