Vulnerabilities > Freerdp > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-39353 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
 9.1
9.1
2023-08-31 CVE-2023-39356 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
 9.1
9.1
2023-08-31 CVE-2023-39355 Use After Free vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian CWE-416
critical
 9.8
9.8
2022-04-26 CVE-2022-24883 Improper Authentication vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).
network
low complexity
freerdp fedoraproject CWE-287
critical
 9.8
9.8
2021-07-30 CVE-2021-37594 Improper Input Validation vulnerability in Freerdp
In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU.
network
low complexity
freerdp CWE-20
critical
 9.8
9.8
2021-07-30 CVE-2021-37595 Improper Input Validation vulnerability in Freerdp
In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.
network
low complexity
freerdp CWE-20
critical
 9.8
9.8
2018-11-29 CVE-2018-8788 Out-of-bounds Write vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
network
low complexity
freerdp canonical debian CWE-787
critical
 9.8
9.8
2018-11-29 CVE-2018-8787 Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical debian redhat CWE-190
critical
 9.8
9.8
2018-11-29 CVE-2018-8786 Incorrect Conversion between Numeric Types vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical debian fedoraproject redhat CWE-681
critical
 9.8
9.8
2018-11-29 CVE-2018-8785 Out-of-bounds Write vulnerability in multiple products
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
network
low complexity
freerdp canonical CWE-787
critical
 9.8
9.8