Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libvncserver project libvncserver vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-29260
libvncclient v0.9.13 exists to contain a memory leak via the function rfbClientCleanup().
Libvncserver Project Libvncserver 0.9.13
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2020-25708
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
Libvncserver Project Libvncserver 0.9.12
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2017-18922
It exists that websockets.c in LibVNCServer before 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
Libvncserver Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
7.5
CVSSv3
CVE-2019-20839
libvncclient/sockets.c in LibVNCServer prior to 0.9.13 has a buffer overflow via a long socket filename.
Libvnc Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2019-20840
An issue exists in LibVNCServer prior to 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
Libvnc Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2020-14397
An issue exists in LibVNCServer prior to 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
Libvnc Project Libvncserver
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2020-14399
An issue exists in LibVNCServer prior to 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
7.5
CVSSv3
CVE-2020-14400
An issue exists in LibVNCServer prior to 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2020-14401
An issue exists in LibVNCServer prior to 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
5.4
CVSSv3
CVE-2020-14403
An issue exists in LibVNCServer prior to 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
Libvnc Project Libvncserver
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »