Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-42785
Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote malicious user to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server.
Tightvnc Tightvnc
5
CVSSv2
CVE-2008-3493
vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of service (application crash) via a crafted frame buffer update packet.
Realvnc Realvnc Windows Client 4.1.2.0
1 EDB exploit
10
CVSSv2
CVE-2006-4309
VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote malicious users to login and view RDP or Citrix sessions.
Ak-systems Windows Terminal 1.2.5 Exvlp
4.9
CVSSv2
CVE-2008-2004
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
Qemu Qemu 0.9.1
NA
CVE-2023-3354
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake ph...
Qemu Qemu
Qemu Qemu 8.1.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Openstack Platform 13.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
7.8
CVSSv2
CVE-2018-20021
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows malicious user to consume excessive amount of resources like CPU and RAM
Libvnc Project Libvncserver
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2008-1945
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-20...
Qemu Qemu 0.9.0
Opensuse Opensuse 10.3
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 5.2
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
7.5
CVSSv2
CVE-2002-1336
TightVNC prior to 1.2.6 generates the same challenge string for multiple connections, which allows remote malicious users to bypass VNC authentication by sniffing the challenge and response of other users.
Tightvnc Tightvnc 1.2.4
Tightvnc Tightvnc 1.2.5
Tightvnc Tightvnc 1.2.1
Tightvnc Tightvnc 1.2.3
Tightvnc Tightvnc 1.2.0
7.5
CVSSv2
CVE-2001-1422
WinVNC 3.3.3 and previous versions generates the same challenge string for multiple connections, which allows remote malicious users to bypass VNC authentication by sniffing the challenge and response of other users.
Att Winvnc
6.5
CVSSv2
CVE-2010-4664
In ConsoleKit prior to 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.
Consolekit Project Consolekit
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »