CVEs

Although I am only starting out and I don't have a lot of experience, I have done some vulnerability research professionally. This page lists all the vulnerabilities I have found as part of my research that were assigned a CVE ID, with technical details of variable length.

CVE-2021-37595 in FreeRDP — Remote Arbitrary File Read

In FreeRDP < 2.4.0 (Windows), a malicious RDP server can remotely read arbitrary files from a client’s system through the clipboard extension (enabled by default).
Read more →

CVE-2021-37594 in FreeRDP — Remote Memory Leak

In FreeRDP < 2.4.0 (Windows), a malicious RDP server can remotely leak memory from a client’s system through the clipboard extension (enabled by default).
Read more →