Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2026/04/20 11:26 p.m.7 views

SUSE CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

6.3CVSS6.2AI score0.00356EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-33689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remot...

9.1CVSS7.3AI score0.00484EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 9:16 p.m.5 views

DEBIAN-CVE-2026-35512

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

8.8CVSS6.2AI score0.00583EPSS
Exploits0References1
NVD
NVD
added 2026/04/17 9:16 p.m.5 views

CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

6.3CVSS0.00356EPSS
Exploits0References2
NVD
NVD
added 2026/04/17 8:16 p.m.4 views

CVE-2026-32623

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

8.1CVSS0.00544EPSS
Exploits0References2
Rows per page
Query Builder