Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-9941
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the clie...
Libvncserver Project Libvncserver
1 Article
10
CVSSv2
CVE-2008-4770
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 up to and including 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol d...
Realvnc Realvnc P4.4.2
Realvnc Realvnc P4.0
Realvnc Realvnc 4.4.2
Realvnc Realvnc 4.1.2
Realvnc Realvnc E4.0
Realvnc Realvnc 4.0
6
CVSSv2
CVE-2013-0335
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.
Openstack Essex 2012.1
Openstack Grizzly 2012.2
Openstack Folsom 2012.2
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
4.3
CVSSv2
CVE-2011-0011
qemu-kvm prior to 0.11.0 disables VNC authentication when the password is cleared, which allows remote malicious users to bypass authentication and establish VNC sessions.
Qemu Qemu
Qemu Qemu 0.11.0
Qemu Qemu 0.10.1
Qemu Qemu 0.10.0
Qemu Qemu 0.1.0
Qemu Qemu 0.10.3
Qemu Qemu 0.10.2
Qemu Qemu 0.1.2
Qemu Qemu 0.1.1
Qemu Qemu 0.10.6
Qemu Qemu 0.1.6
Qemu Qemu 0.1.5
Qemu Qemu 0.10.5
Qemu Qemu 0.10.4
Qemu Qemu 0.1.4
Qemu Qemu 0.1.3
4.3
CVSSv2
CVE-2021-20590
Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model ...
Mitsubishielectric Got2000 Gt27 Firmware
Mitsubishielectric Got2000 Gt25 Firmware
Mitsubishielectric Gt2107-wtbd Firmware
Mitsubishielectric Gt2107-wtsd Firmware
Mitsubishielectric Gs2110-wtbd-n Firmware
Mitsubishielectric Gs2107-wtbd-n Firmware
6
CVSSv2
CVE-2017-4941
VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x prior to 12.5.8), and Fusion (8.x prior to 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successf...
Vmware Fusion
Vmware Workstation
Vmware Esxi 5.5
Vmware Esxi 6.0
6
CVSSv2
CVE-2017-4933
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x prior to 12.5.8), and Fusion (8.x prior to 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Succes...
Vmware Workstation Pro
Vmware Workstation Pro 14.0
Vmware Workstation Pro 14.1.0
Vmware Esxi 6.5
Vmware Fusion
NA
CVE-2023-47251
In mprivacy-tools prior to 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool dir...
M-privacy Mprivacy-tools
M-privacy Tightgatevnc
7.2
CVSSv2
CVE-2014-7872
Comodo GeekBuddy prior to 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
Comodo Geekbuddy
1 EDB exploit
6
CVSSv2
CVE-2015-3252
Apache CloudStack prior to 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote malicious users to gain access by connecting to the VNC server.
Apache Cloudstack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »