Search CVE reports


Toggle filters

51 – 60 of 93 results


CVE-2020-11098

Medium priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11097

Medium priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11096

Medium priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11095

Medium priority

Some fixes available 2 of 5

In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11089

Low priority

Some fixes available 3 of 5

In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This...

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11088

Low priority

Some fixes available 3 of 5

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11087

Low priority

Some fixes available 3 of 5

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11086

Low priority

Some fixes available 3 of 5

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not in release Not in release Vulnerable Vulnerable
freerdp2 Not affected Not affected Fixed Fixed Not in release
Show less packages

CVE-2020-11085

Medium priority
Fixed

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not affected Not affected
freerdp2 Fixed Fixed Not in release
Show less packages

CVE-2020-11043

Medium priority
Fixed

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.

2 affected packages

freerdp, freerdp2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freerdp Not in release Not affected Not affected
freerdp2 Fixed Fixed Not in release
Show less packages