Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2007-3536
Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote malicious users to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values.
Amx Netlinx Vnc Activex Control 1.0.13.0
1 EDB exploit
9
CVSSv2
CVE-2006-1652
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and previous versions and (b) tabbed_viewer 1.29 (1) allow user-assisted remote malicious users to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, whi...
Ultravnc Vnc Viewer 1.0.1
Ultravnc Tabbed Viewer 1.29
3 EDB exploits
7.5
CVSSv2
CVE-2002-0994
SunPCi II VNC uses a weak authentication scheme, which allows remote malicious users to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
Sun Sun Pci Ii Driver 2.3
1 EDB exploit
7.5
CVSSv2
CVE-2019-1895
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to access the VNC console session of an administrative user on an affected device. The vulne...
Cisco Enterprise Network Function Virtualization Infrastructure
NA
CVE-2019-18911
HP has identified an issue affecting VNC session security within HP Device Manager that could potentially be leveraged to create unauthorized connections.
7.1
CVSSv2
CVE-2013-5745
The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and previous versions, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remo...
David King Vino 3.6.2
David King Vino
David King Vino 3.4.2
David King Vino 3.2.1
David King Vino 3.2.0
David King Vino 3.1.2
David King Vino 3.1.1
David King Vino 2.99.3
David King Vino 2.99.2
David King Vino 2.8.0
David King Vino 3.6.0
David King Vino 3.6.1
David King Vino 3.3.1
David King Vino 3.2.2
David King Vino 3.1.4
David King Vino 3.1.3
David King Vino 3.0.0
David King Vino 2.99.5
David King Vino 2.99.4
David King Vino 2.8.1
David King Vino 2.8.0.1
David King Vino 2.7.4.90
1 EDB exploit
5.8
CVSSv2
CVE-2020-26117
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC prior to 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
Tigervnc Tigervnc
Debian Debian Linux 9.0
Opensuse Leap 15.2
5
CVSSv2
CVE-2008-2382
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and previous versions and (2) KVM kvm-79 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a certain message.
Qemu Qemu 0.8.0
Qemu Qemu 0.7.2
Qemu Qemu 0.5.3
Qemu Qemu 0.5.2
Qemu Qemu
Qemu Qemu 0.3.0
Qemu Qemu 0.2.0
Qemu Qemu 0.1.4
Qemu Qemu 0.7.1
Qemu Qemu 0.7.0
Qemu Qemu 0.5.1
Qemu Qemu 0.5.0
Qemu Qemu 0.1.1
Qemu Qemu 0.1.2
Qemu Qemu 0.8.2
Qemu Qemu 0.8.1
Qemu Qemu 0.5.5
Qemu Qemu 0.5.4
Qemu Qemu 0.4.1
Qemu Qemu 0.4.0
Qemu Qemu 0.1.6
Qemu Qemu 0.1.3
1 EDB exploit
10
CVSSv2
CVE-2009-0388
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) Cli...
Tightvnc Tightvnc 1.3.9
Ultravnc Ultravnc 1.0.2
Ultravnc Ultravnc 1.0.5
2 EDB exploits
7.5
CVSSv2
CVE-2016-9942
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payl...
Libvncserver Project Libvncserver 0.9.10
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »