VYPR

Xrdp

by Neutrinolabs

CVEs (28)

  • CVE-2022-23480 | Dec 9, 2022
    risk 0.00 | cvss | epss 0.01

    xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains a buffer overflow in the devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue.…

  • CVE-2022-23479 | Dec 9, 2022
    risk 0.00 | cvss | epss 0.01

    xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains a buffer overflow in the xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to…

  • CVE-2022-23478 | Dec 9, 2022
    risk 0.00 | cvss | epss 0.01

    xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an out-of-bounds write in the xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue.…

  • CVE-2022-23468 | Dec 9, 2022
    risk 0.00 | cvss | epss 0.01

    xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains a buffer overflow in the xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to…

  • CVE-2022-23493 | Dec 9, 2022
    risk 0.00 | cvss | epss 0.01

    xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an out-of-bounds read in the xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue.…

  • CVE-2022-23613 | Feb 7, 2022
    risk 0.00 | cvss | epss 0.00

    xrdp is an open source remote desktop protocol (RDP) server. In affected versions, an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker who is able to locally access a sesman server to execute code as root. This vulnerability…

  • CVE-2021-36158 | Jul 5, 2021
    risk 0.00 | cvss | epss 0.00

    In the xrdp package (in branches through 3.14) for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used.

  • CVE-2020-4044 | Jun 30, 2020
    risk 0.00 | cvss | epss 0.02

    The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on…
