xrdp — Vulnerabilities & Security Advisories (24)

All 24 CVE vulnerabilities found in xrdp, with AI-generated Chinese analysis, references, and POCs.

Vendor: neutrinolabs

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-35512 | xrdp: Heap buffer overflow in EGFX channel | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-04-17 |
| CVE-2026-33689 | xrdp: Pre-authentication out-of-bounds reads in channel parsers | CWE-125 | 8.2 (AI) | High (AI) | 2026-04-17 |
| CVE-2026-33145 | xrdp: Authenticated RCE via unsanitized AlternateShell execution in xrdp-sesman | CWE-78 | 6.3 | Medium | 2026-04-17 |
| CVE-2026-32624 | xrdp: Heap buffer overflow in xrdp_sec_process_logon_info() via incorrect g_strncat length calculation | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-04-17 |
| CVE-2026-33516 | xrdp: Pre-authentication out-of-bounds reads in RDP capability and channel parsers | CWE-125 | 9.1 (AI) | Critical (AI) | 2026-04-17 |
| CVE-2026-32623 | xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly | CWE-122 | 8.1 (AI) | High (AI) | 2026-04-17 |
| CVE-2026-32105 | xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode | CWE-354 | 5.9 (AI) | Medium (AI) | 2026-04-17 |
| CVE-2026-32107 | xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails | CWE-273 | 8.8 | High | 2026-04-17 |
| CVE-2025-68670 | xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow | CWE-121 | 9.1 | Critical | 2026-01-27 |
| CVE-2024-39917 | xrdp allows an infinite number of login attempts | CWE-307 | 7.2 | High | 2024-07-12 |
| CVE-2023-42822 | Unchecked access to font glyph info in xrdp | CWE-125 | 4.6 | Medium | 2023-09-27 |
| CVE-2023-40184 | Improper handling of session establishment errors in xrdp | CWE-755 | 2.6 | Low | 2023-08-30 |
| CVE-2022-23477 | Buffer Overflow in xrdp | CWE-120 | 9.1 | Critical | 2022-12-09 |
| CVE-2022-23484 | Integer Overflow in xrdp | CWE-190 | 8.2 | High | 2022-12-09 |
| CVE-2022-23483 | Out-of-Bound Read in libxrdp | CWE-125 | 7.5 | High | 2022-12-09 |
| CVE-2022-23482 | Out-of-Bound Read in xrdp | CWE-125 | - | - | 2022-12-09 |
| CVE-2022-23481 | Out-of-Bound Read in xrdp | CWE-125 | - | - | 2022-12-09 |
| CVE-2022-23480 | Buffer Overflow in xrdp | CWE-120 | 9.1 | Critical | 2022-12-09 |
| CVE-2022-23479 | Buffer Overflow occurs in xrdp | CWE-120 | 9.1 | Critical | 2022-12-09 |
| CVE-2022-23478 | Out of Bound Write in xrdp | CWE-787 | 9.1 | Critical | 2022-12-09 |
| CVE-2022-23468 | Buffer Overflow in xrdp | CWE-120 | 6.5 | Medium | 2022-12-09 |
| CVE-2022-23493 | Out of Bound Read in xrdp | CWE-125 | 9.1 | Critical | 2022-12-09 |
| CVE-2022-23613 | Privilege escalation on xrdp | CWE-191 | 7.8 | High | 2022-02-07 |
| CVE-2020-4044 | Local users can perform a buffer overflow attack against the xrdp-sesman service and then impersonate it | CWE-121 | 7.5 | High | 2020-06-30 |

All 24 known CVE vulnerabilities affecting xrdp with full Chinese analysis, references, and POCs where available.