Vulnerabilities > Freerdp

DATE CVE VULNERABILITY TITLE RISK
2020-05-29 CVE-2020-11041 Improper Validation of Array Index vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...).
network
low complexity
freerdp opensuse debian CWE-129
2.7
2.7
2020-05-29 CVE-2020-11039 Integer Overflow or Wraparound vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks.
network
low complexity
freerdp opensuse debian CWE-190
6.8
6.8
2020-05-29 CVE-2020-11038 Integer Overflow to Buffer Overflow vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists.
network
low complexity
freerdp opensuse debian CWE-680
5.4
5.4
2020-05-29 CVE-2020-11019 Out-of-bounds Read vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index.
network
low complexity
freerdp opensuse debian CWE-125
6.5
6.5
2020-05-29 CVE-2020-11018 Out-of-bounds Read vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed.
network
low complexity
freerdp opensuse debian CWE-125
6.5
6.5
2020-05-29 CVE-2020-11017 Double Free vulnerability in multiple products
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server.
network
low complexity
freerdp opensuse debian CWE-415
6.5
6.5
2020-05-22 CVE-2020-13398 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-787
8.3
8.3
2020-05-22 CVE-2020-13397 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
local
low complexity
freerdp debian opensuse canonical CWE-125
5.5
5.5
2020-05-22 CVE-2020-13396 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1.
network
low complexity
freerdp debian opensuse canonical CWE-125
7.1
7.1
2020-05-15 CVE-2020-11526 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. 		3.5
3.5