CVEs affecting projects tracked on Release Alert, from NVD & OSV.
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.