Skip to main content

Xrdp

18 CVEs product

Monthly

CVE-2025-68670 CRITICAL PATCH Act Now

xrdp open-source RDP server before v0.10.5 has an unauthenticated stack buffer overflow enabling remote code execution.

Buffer Overflow Stack Overflow Debian Linux Xrdp Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39917 CRITICAL PATCH Act Now

xrdp is an open source RDP server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Xrdp
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-42822 MEDIUM PATCH This Month

xrdp is an open source remote desktop protocol server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Debian Xrdp Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-40184 MEDIUM PATCH This Month

xrdp is an open source remote desktop protocol (RDP) server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Xrdp
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-23493 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
0.9%
CVE-2022-23484 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-23483 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
0.8%
CVE-2022-23482 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
0.7%
CVE-2022-23481 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.1
EPSS
0.7%
CVE-2022-23480 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-23479 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-23478 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-23477 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-23468 CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-4044 HIGH PATCH This Week

The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Stack Overflow Xrdp
NVD GitHub
CVSS 3.1
7.8
EPSS
2.4%
CVE-2017-16927 HIGH PATCH This Week

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xrdp Debian Linux
NVD GitHub
CVSS 3.0
8.4
EPSS
0.1%
CVE-2017-6967 HIGH This Week

xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xrdp
NVD GitHub
CVSS 3.1
7.3
EPSS
0.2%
CVE-2013-1430 CRITICAL PATCH Act Now

An issue was discovered in xrdp before 0.9.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Xrdp Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
0.3%
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

xrdp open-source RDP server before v0.10.5 has an unauthenticated stack buffer overflow enabling remote code execution.

Buffer Overflow Stack Overflow Debian Linux +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

xrdp is an open source RDP server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Xrdp
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

xrdp is an open source remote desktop protocol server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Debian +2
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

xrdp is an open source remote desktop protocol (RDP) server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Xrdp
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Microsoft Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Xrdp +1
NVD GitHub
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 8.4
HIGH PATCH This Week

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xrdp +1
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xrdp
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in xrdp before 0.9.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Xrdp Debian Linux
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy