Neutrinolabs Xrdp
27 CVEs affecting Neutrinolabs Xrdp. Latest disclosed: 2026-04-17. Critical: 7, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2013-1430 | Critical | 9.8 | 2016-12-16 | An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created… |
| CVE-2025-68670 | Critical | 9.1 | 2026-01-27 | xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bou… |
| CVE-2022-23477 | Critical | 9.1 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buff… |
| CVE-2022-23480 | Critical | 9.1 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buff… |
| CVE-2022-23479 | Critical | 9.1 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buff… |
| CVE-2022-23478 | Critical | 9.1 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out… |
| CVE-2022-23493 | Critical | 9.1 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out… |
| CVE-2026-32107 | High | 8.8 | 2026-04-17 | xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop proce… |
| CVE-2017-16927 | High | 8.4 | 2017-11-23 | The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows… |
| CVE-2022-23484 | High | 8.2 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Inte… |
| CVE-2022-23613 | High | 7.8 | 2022-02-07 | xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows a… |
| CVE-2022-23483 | High | 7.5 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out… |
| CVE-2020-4044 | High | 7.5 | 2020-06-30 | The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is… |
| CVE-2017-6967 | High | 7.3 | 2017-03-17 | xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potentia… |
| CVE-2024-39917 | High | 7.2 | 2024-07-12 | xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The n… |
| CVE-2022-23468 | Medium | 6.5 | 2022-12-09 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buff… |
| CVE-2026-33145 | Medium | 6.3 | 2026-04-17 | xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handlin… |
| CVE-2023-42822 | Medium | 4.6 | 2023-09-27 | xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked. Since some of this data is controlla… |
| CVE-2023-40184 | Low | 2.6 | 2023-08-30 | xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-… |
| CVE-2026-35512 | | | 2026-04-17 | xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX (graphics dynamic virtual channel) implementation due… |