Vulnerabilities > Freerdp > Freerdp > 1.1.0

DATE CVE VULNERABILITY TITLE RISK
2020-05-12 CVE-2020-11058 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2.2
2020-05-07 CVE-2020-11049 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser.
network
high complexity
freerdp canonical debian CWE-125
2.2
2.2
2020-05-07 CVE-2020-11048 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-125
2.2
2.2
2020-05-07 CVE-2020-11047 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results.
network
high complexity
freerdp canonical debian CWE-125
5.9
5.9
2020-05-07 CVE-2020-11046 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2.2
2020-05-07 CVE-2020-11045 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer.
network
high complexity
freerdp debian canonical CWE-125
3.3
3.3
2020-05-07 CVE-2020-11042 Out-of-bounds Read vulnerability in multiple products
In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info.
network
high complexity
freerdp debian canonical CWE-125
5.9
5.9
2019-10-04 CVE-2019-17178 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
network
low complexity
freerdp lodev opensuse CWE-772
5.0
5.0
2019-10-04 CVE-2019-17177 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
network
low complexity
freerdp opensuse CWE-772
5.0
5.0
2018-12-20 CVE-2018-1000852 Out-of-bounds Read vulnerability in multiple products
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory..
network
low complexity
freerdp canonical fedoraproject CWE-125
6.5
6.5