Vulnerabilities > Freerdp

DATE CVE VULNERABILITY TITLE RISK
2018-11-29 CVE-2018-8785 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical CWE-119
7.5
2018-11-29 CVE-2018-8784 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical CWE-119
7.5
2018-04-24 CVE-2017-2839 An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11.
network
freerdp debian
4.3
2018-04-24 CVE-2017-2838 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11.
4.3
2018-04-24 CVE-2017-2837 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11.
4.3
2018-04-24 CVE-2017-2836 Improper Certificate Validation vulnerability in multiple products
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11.
4.3
2018-04-24 CVE-2017-2835 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11.
6.8
2018-04-24 CVE-2017-2834 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11.
6.8
2016-10-03 CVE-2013-4119 NULL Pointer Dereference vulnerability in Freerdp 1.0.0/1.0.1/1.0.2
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.
network
low complexity
freerdp CWE-476
5.0
2016-10-03 CVE-2013-4118 NULL Pointer Dereference vulnerability in multiple products
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
network
low complexity
freerdp opensuse CWE-476
5.0