High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-4031	Use After Free vulnerability in multiple products In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. network low complexity freerdp fedoraproject opensuse canonical debian CWE-416	7.5
2020-05-22	CVE-2020-13398	Out-of-bounds Write vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. network low complexity freerdp debian opensuse canonical CWE-787	8.3
2020-05-22	CVE-2020-13396	Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. network low complexity freerdp debian opensuse canonical CWE-125	7.1
2019-10-04	CVE-2019-17178	Memory Leak vulnerability in multiple products HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. network low complexity freerdp lodev opensuse CWE-401	7.5
2019-10-04	CVE-2019-17177	Memory Leak vulnerability in multiple products libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. network low complexity freerdp opensuse CWE-401	7.5
2018-11-29	CVE-2018-8789	Out-of-bounds Read vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). network low complexity freerdp canonical debian CWE-125	7.5
2018-04-24	CVE-2017-2835	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. network high complexity freerdp debian CWE-787	8.1
2018-04-24	CVE-2017-2834	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. network high complexity freerdp debian CWE-787	7.0
2016-10-03	CVE-2013-4119	NULL Pointer Dereference vulnerability in Freerdp 1.0.0/1.0.1/1.0.2 FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. network low complexity freerdp CWE-476	7.5
2016-10-03	CVE-2013-4118	NULL Pointer Dereference vulnerability in multiple products FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. network low complexity freerdp opensuse CWE-476	7.5