FreeRDP — Vulnerabilities & Security Advisories (142)

Browse all 142 CVE security advisories affecting FreeRDP. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FreeRDP is an open-source Remote Desktop Protocol client and server implementation designed to facilitate cross-platform remote desktop connectivity. Its widespread adoption in enterprise and personal environments has made it a frequent target for security researchers, resulting in a significant number of recorded Common Vulnerabilities and Exposures. Historically, the codebase has been susceptible to critical remote code execution flaws, often stemming from improper input validation within the RDP protocol parsing logic. These vulnerabilities frequently allow attackers to execute arbitrary commands or escalate privileges on affected systems without user interaction. While the project maintains an active development cycle to patch these issues, the sheer volume of past incidents highlights the complexity of implementing secure network protocols. Continuous monitoring and timely updates remain essential for mitigating risks associated with its extensive feature set and legacy code dependencies.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2023-39350 | Incorrect offset calculation leading to denial of service in FreeRDP | FreeRDP | CWE-191 | 5.9 | Medium | 2023-08-31 |
| CVE-2023-40589 | FreeRDP Global-Buffer-Overflow in ncrush_decompress | FreeRDP | CWE-120 | 4.3 | Medium | 2023-08-31 |
| CVE-2022-39316 | Out of bound read in FreeRDP | FreeRDP | CWE-125 | 4.8 | Medium | 2022-11-16 |
| CVE-2022-39317 | Out of bounds read in zgfx decoder in FreeRDP | FreeRDP | CWE-125 | 4.6 | Medium | 2022-11-16 |
| CVE-2022-39318 | Division by zero in urbdrc channel in FreeRDP | FreeRDP | CWE-20 | 4.8 | Medium | 2022-11-16 |
| CVE-2022-39319 | Missing length validation in urbdrc channel in FreeRDP | FreeRDP | CWE-125 | 4.6 | Medium | 2022-11-16 |
| CVE-2022-39320 | Heap buffer overflow in urbdrc channel | FreeRDP | CWE-125 | 5.5 | Medium | 2022-11-16 |
| CVE-2022-39347 | Missing path sanitation with `drive` channel in FreeRDP | FreeRDP | CWE-22 | 2.6 | Low | 2022-11-16 |
| CVE-2022-41877 | Missing input length validation in `drive` channel in FreeRDP | FreeRDP | CWE-119 | 4.6 | Medium | 2022-11-16 |
| CVE-2022-39282 | RDP client: Read of uninitialized memory with parallel port redirection | FreeRDP | CWE-908 | 3.5 | Low | 2022-10-12 |
| CVE-2022-39283 | FreeRDP may read and display out of bounds data | FreeRDP | CWE-125 | 5.9 | Medium | 2022-10-12 |
| CVE-2022-24882 | Server side NTLM does not properly check parameters in FreeRDP | FreeRDP | CWE-287 | 9.1 | Critical | 2022-04-26 |
| CVE-2022-24883 | FreeRDP Server authentication might allow invalid credentials to pass | FreeRDP | CWE-287 | 7.4 | High | 2022-04-26 |
| CVE-2021-41159 | Improper client input validation for FreeRDP gateway connections allows to overwrite memory | FreeRDP | CWE-787 | 5.8 | Medium | 2021-10-21 |
| CVE-2021-41160 | Improper region checks in FreeRDP allow out of bound write to memory | FreeRDP | CWE-787 | 5.3 | Medium | 2021-10-21 |
| CVE-2020-15103 | Integer Overflow in FreeRDP | FreeRDP | CWE-680 | 3.5 | Low | 2020-07-27 |
| CVE-2020-11095 | Global OOB read in update_recv_primary_order in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-11096 | Global OOB read in update_read_cache_bitmap_v3_order in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-11097 | OOB read in ntlm_av_pair_get in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-11098 | Out-of-bound read in glyph_cache_put in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-11099 | OOB Read in license_read_new_or_upgrade_license_packet in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-4030 | OOB read in `TrioParse` in FreeRDP | FreeRDP | CWE-125 | 3.5 | Low | 2020-06-22 |
| CVE-2020-4031 | Use-After-Free in gdi_SelectObject in FreeRDP | FreeRDP | CWE-416 | 3.5 | Low | 2020-06-22 |
| CVE-2020-4032 | Integer casting vulnerability in `update_recv_secondary_order` in FreeRDP | FreeRDP | CWE-681 | 3.1 | Low | 2020-06-22 |
| CVE-2020-4033 | OOB Read in RLEDECOMPRESS in FreeRDP | FreeRDP | CWE-125 | 3.1 | Low | 2020-06-22 |
| CVE-2020-11017 | Double free in cliprdr_server_receive_capabilities in FreeRDP | FreeRDP | CWE-415 | 6.5 | Medium | 2020-05-29 |
| CVE-2020-11018 | Out of bound read in cliprdr_server_receive_capabilities in FreeRDP | FreeRDP | CWE-125 | 6.5 | Medium | 2020-05-29 |
| CVE-2020-11019 | Out of bound read in update_recv in FreeRDP | FreeRDP | CWE-125 | 4.3 | Medium | 2020-05-29 |
| CVE-2020-11038 | Integer Overflow to Buffer Overflow in FreeRDP | FreeRDP | CWE-680 | 6.9 | Medium | 2020-05-29 |
| CVE-2020-11039 | Integer Overflow in FreeRDP | FreeRDP | CWE-190 | 8.0 | High | 2020-05-29 |

This page lists every published CVE security advisory associated with FreeRDP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.