8 matches found
SUSE-SU-2026:0477-1 Security update for xrdp
This update for xrdp fixes the following issues: - CVE-2025-68670: Fix a potential overflow when processing user domain information. bsc1257362...
MGASA-2026-0037 Updated xrdp packages fix security vulnerability
xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow. CVE-2025-68670...
Fedora 42 : xorgxrdp / xrdp (2026-b409dad73e)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-b409dad73e advisory. Release notes for xrdp v0.10.5 2026/01/27 Security fixes - CVE-2025-68670: Improper bounds checking of domain string length leads to Stack-based...
libpainter0-0.9.27-1.1 on GA media (moderate)
libpainter0-0.9.27-1.1 on GA media Announcement ID: openSUSE-SU-2026:10146-1 Rating: moderate Cross-References: CVE-2025-68670 CVSS scores: CVE-2025-68670 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-68670 SUSE : 9.2...
Debian dla-4464 : xrdp - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4464 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4464-1 [email protected] https://www.debian.org/lts/security/...
CVE-2025-68670
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...
CVE-2025-68670
creationtimestamp| type| source ---|---|--- 2026-01-27 16:49:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdg7ohcsix27 2026-02-05 22:37:08+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3me5hbxnpzc2g 2026-02-08 14:43:32+00:00| seen|...
DEBIAN-CVE-2025-68670
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...