Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-9941
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the clie...
Libvncserver Project Libvncserver
1 Article
668
VMScore
CVE-2016-9942
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payl...
Libvncserver Project Libvncserver 0.9.10
1 Article
890
VMScore
CVE-2008-4770
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 up to and including 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol d...
Realvnc Realvnc P4.4.2
Realvnc Realvnc P4.0
Realvnc Realvnc 4.4.2
Realvnc Realvnc 4.1.2
Realvnc Realvnc E4.0
Realvnc Realvnc 4.0
534
VMScore
CVE-2013-0335
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.
Openstack Essex 2012.1
Openstack Grizzly 2012.2
Openstack Folsom 2012.2
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
383
VMScore
CVE-2011-0011
qemu-kvm prior to 0.11.0 disables VNC authentication when the password is cleared, which allows remote malicious users to bypass authentication and establish VNC sessions.
Qemu Qemu
Qemu Qemu 0.11.0
Qemu Qemu 0.10.1
Qemu Qemu 0.10.0
Qemu Qemu 0.1.0
Qemu Qemu 0.10.3
Qemu Qemu 0.10.2
Qemu Qemu 0.1.2
Qemu Qemu 0.1.1
Qemu Qemu 0.10.6
Qemu Qemu 0.1.6
Qemu Qemu 0.1.5
Qemu Qemu 0.10.5
Qemu Qemu 0.10.4
Qemu Qemu 0.1.4
Qemu Qemu 0.1.3
383
VMScore
CVE-2021-20590
Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model ...
Mitsubishielectric Got2000 Gt27 Firmware
Mitsubishielectric Got2000 Gt25 Firmware
Mitsubishielectric Gt2107-wtbd Firmware
Mitsubishielectric Gt2107-wtsd Firmware
Mitsubishielectric Gs2110-wtbd-n Firmware
Mitsubishielectric Gs2107-wtbd-n Firmware
NA
CVE-2019-15690
Integer Overflow or Wraparound leads to Heap-based Buffer Overflow (CVE-2019-15690)
578
VMScore
CVE-2019-15691
TigerVNC version before 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process ...
Tigervnc Tigervnc
Opensuse Leap 15.1
578
VMScore
CVE-2019-15695
TigerVNC version before 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start wri...
Tigervnc Tigervnc
Opensuse Leap 15.1
534
VMScore
CVE-2017-4941
VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x prior to 12.5.8), and Fusion (8.x prior to 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successf...
Vmware Fusion
Vmware Workstation
Vmware Esxi 5.5
Vmware Esxi 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »