Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-29 | CVE-2020-11089 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). | 5.5 |
2020-05-29 | CVE-2020-11088 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. | 5.4 |
2020-05-29 | CVE-2020-11087 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. | 5.4 |
2020-05-29 | CVE-2020-11086 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. | 5.4 |
2020-05-29 | CVE-2020-11039 | Integer Overflow or Wraparound vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. | 6.8 |
2020-05-29 | CVE-2020-11038 | Integer Overflow to Buffer Overflow vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. | 5.4 |
2020-05-29 | CVE-2020-11019 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. | 6.5 |
2020-05-29 | CVE-2020-11018 | Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. | 6.5 |
2020-05-29 | CVE-2020-11017 | Double Free vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. | 6.5 |
2020-05-28 | CVE-2020-11082 | Cross-site Scripting vulnerability in multiple products In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. | 4.3 |