Vulnerabilities > Freerdp > Freerdp > 1.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-05-29 CVE-2020-11017 Double Free vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server.
network
low complexity
freerdp opensuse debian CWE-415
6.5
6.5
2020-05-22 CVE-2020-13398 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-787
8.3
8.3
2020-05-22 CVE-2020-13397 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
local
low complexity
freerdp debian opensuse canonical CWE-125
5.5
5.5
2020-05-22 CVE-2020-13396 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-125
7.1
7.1
2020-05-15 CVE-2020-11525 Out-of-bounds Read vulnerability in multiple products
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. 		3.5
3.5
2020-05-15 CVE-2020-11524 Out-of-bounds Write vulnerability in multiple products
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. 		6.0
6.0
2020-05-15 CVE-2020-11523 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. 		6.0
6.0
2020-05-15 CVE-2020-11522 Out-of-bounds Read vulnerability in multiple products
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
network
low complexity
freerdp debian canonical opensuse CWE-125
6.4
6.4
2019-10-04 CVE-2019-17178 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
network
low complexity
freerdp lodev opensuse CWE-772
5.0
5.0
2019-10-04 CVE-2019-17177 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
network
low complexity
freerdp opensuse CWE-772
5.0
5.0