CVEs
This page lists vulnerabilities I have found as part of (mostly professional) research that were assigned a CVE ID, with technical details of variable length. Some of these were awarded bounties.
CVE-2021-38666 in Windows — Remote Code Execution in the RDP client
In Microsoft Remote Desktop, a malicious RDP server could remotely execute code in a client through the RDPDR extension (enabled by default).
CVE-2021-38665 in Windows — Remote Heap Leak in the RDP client
In Microsoft Remote Desktop, a malicious RDP server could remotely leak heap memory from a client through the RDPDR extension (enabled by default).
CVE-2021-37595 in FreeRDP — Remote Arbitrary File Read
In FreeRDP < 2.4.0 (Windows), a malicious RDP server can remotely read arbitrary files from a client’s system through the clipboard extension (enabled by default).
CVE-2021-37594 in FreeRDP — Remote Memory Leak
In FreeRDP < 2.4.0 (Windows), a malicious RDP server can remotely leak memory from a client’s system through the clipboard extension (enabled by default).