Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2010-5304
A NULL pointer dereference flaw was found in the way LibVNCServer prior to 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Libvncserver Project Libvncserver
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
NA
CVE-2001-0168
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and previous versions allows remote malicious users to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.
Att Winvnc
1 EDB exploit
5.3
CVSSv3
CVE-2018-6957
VMware Workstation (14.x prior to 14.1.1, 12.x) and Fusion (10.x prior to 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must...
Vmware Workstation Pro 12.1.1
Vmware Workstation Pro 12.5
Vmware Workstation Pro 12.5.1
Vmware Workstation Pro 12.5.2
Vmware Workstation Pro 12.5.7
Vmware Workstation Pro
Vmware Workstation Pro 12.01
Vmware Workstation Pro 12.5.4
Vmware Workstation Pro 12.5.6
Vmware Workstation Pro 12.0
Vmware Workstation Pro 12.1
Vmware Workstation Pro 12.5.3
Vmware Workstation Pro 12.5.5
Vmware Workstation Player 12.5.1
Vmware Workstation Player 12.5.2
Vmware Workstation Player 12.5.3
Vmware Workstation Player 12.5.4
Vmware Workstation Player 12.5.5
Vmware Workstation Player 12.0
Vmware Workstation Player 12.0.1
Vmware Workstation Player 12.1.1
Vmware Workstation Player 12.5.6
9.8
CVSSv3
CVE-2015-9254
Datto ALTO and SIRIS devices have a default VNC password.
Datto Alto 3 Firmware -
Datto Alto 2 Firmware -
Datto Alto Xl Firmware -
Datto Siris 3 Firmware -
Datto Siris 2 Firmware -
Datto Siris 3 X All-flash Firmware -
Datto Siris Virtual Firmware -
Datto Alto Imaged Firmware -
NA
CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this iss...
Kvm Qumranet Kvm
Qemu Qemu
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Debian Debian Linux 5.0
Debian Debian Linux 4.0
9.8
CVSSv3
CVE-2014-0011
Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC prior to 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to scree...
Tigervnc Tigervnc
6
CVSSv3
CVE-2016-8667
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
Qemu Qemu
Qemu Qemu 2.9.0
Opensuse Leap 42.2
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player up to and including 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
Videolan Vlc Media Player
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2015-5239
Integer overflow in the VNC display driver in QEMU prior to 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 12
Arista Eos 4.15
Arista Eos 4.14
Arista Eos 4.13
Arista Eos 4.12
9.8
CVSSv3
CVE-2019-17662
ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be ...
Cybelsoft Thinvnc 1.0
1 EDB exploit
10 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »