How severe is CVE-2022-39318?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.7 out of 10.

What type of vulnerability is CVE-2022-39318?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2022-39318

MEDIUM Year: 2022

CVSS v3 Score

5.7

Medium

Weakness Type

CWE-20

View all →

Vulnerability Description

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch.

CVE-2016-1156

MEDIUM

CVSS:5.7(Medium)

LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displa...

CWE-202016

CVE-2016-5947

MEDIUM

CVSS:5.7(Medium)

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

CWE-202016

CVE-2016-9719

MEDIUM

CVSS:5.7(Medium)

IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicio...

CWE-202016

CVE-2017-17860

MEDIUM

CVSS:5.7(Medium)

In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetoo...

CWE-202017