Vulnerabilities > Freerdp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-30 | CVE-2021-37594 | Improper Input Validation vulnerability in Freerdp In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU. | 7.5 |
2021-07-30 | CVE-2021-37595 | Improper Input Validation vulnerability in Freerdp In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU. | 7.5 |
2020-06-22 | CVE-2020-4031 | Use After Free vulnerability in multiple products In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. | 7.5 |
2020-05-22 | CVE-2020-13398 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. | 8.3 |
2020-05-22 | CVE-2020-13396 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. | 7.1 |
2018-11-29 | CVE-2018-8788 | Out-of-bounds Write vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | 7.5 |
2018-11-29 | CVE-2018-8787 | Integer Overflow or Wraparound vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | 7.5 |
2018-11-29 | CVE-2018-8785 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | 7.5 |
2018-11-29 | CVE-2018-8784 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. | 7.5 |
2014-11-16 | CVE-2014-0250 | Numeric Errors vulnerability in multiple products Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | 7.5 |