Search CVE reports


Toggle filters

41 – 50 of 93 results


CVE-2021-41160

Medium priority

Some fixes available 10 of 12

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or...

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Needs evaluation Needs evaluation
freerdp2 Fixed Fixed Fixed Fixed Ignored
Show less packages

CVE-2021-41159

Medium priority

Some fixes available 10 of 12

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious...

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Needs evaluation Needs evaluation
freerdp2 Fixed Fixed Fixed Fixed Ignored
Show less packages

CVE-2021-37595

Low priority
Not affected

In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.

1 affected package

freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp2 Not affected Not affected Not affected Ignored
Show less packages

CVE-2021-37594

Low priority
Not affected

In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU.

1 affected package

freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp2 Not affected Not affected Not affected Ignored
Show less packages

CVE-2020-15103

Medium priority

Some fixes available 2 of 4

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface...

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Needs evaluation Needs evaluation
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-4033

Low priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-4032

Medium priority

Some fixes available 2 of 3

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not affected Not affected
freerdp2 Fixed Fixed Not in release
Show less packages

CVE-2020-4031

Medium priority

Some fixes available 2 of 3

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not affected Not affected
freerdp2 Fixed Fixed Not in release
Show less packages

CVE-2020-4030

Medium priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11099

Medium priority

Some fixes available 2 of 3

In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not affected Not affected
freerdp2 Fixed Fixed Not in release
Show less packages