Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2839
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
Apple Mac Os X 10.5.8
Apple Mac Os X Server 10.5.8
NA
CVE-2006-2206
The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote malicious users to gain privileges by sniffing and decrypting passwords.
Ultravnc Ultravnc 1.0.1
NA
CVE-2013-6886
RealVNC VNC 5.0.6 on Mac OS X, Linux, and UNIX allows local users to gain privileges via a crafted argument to the (1) vncserver, (2) vncserver-x11, or (3) Xvnc helper.
Realvnc Realvnc 5.0.6
9.8
CVSSv3
CVE-2022-24422
Dell iDRAC9 versions 5.00.00.00 and later but before 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console.
Dell Idrac9
3.5
CVSSv3
CVE-2019-20382
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
Qemu Qemu 4.1.0
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
NA
CVE-2013-2757
Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x prior to 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote malicious users to have unspecified impact via unknown vectors.
Citrix Cloudplatform 3.0.6
Citrix Cloudplatform 3.0
Citrix Cloudplatform 3.0.5
Citrix Cloudplatform 3.0.3
Citrix Cloudplatform 3.0.4
9.8
CVSSv3
CVE-2019-8258
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
Uvnc Ultravnc
Siemens Sinumerik Access Mymachine\\/p2p
Siemens Sinumerik Pcu Base Win10 Software\\/ipc
Siemens Sinumerik Pcu Base Win7 Software\\/ipc
NA
CVE-2013-5135
Format string vulnerability in Screen Sharing Server in Apple Mac OS X prior to 10.9 and Apple Remote Desktop prior to 3.5.4 allows remote malicious users to execute arbitrary code via format string specifiers in a VNC username.
Apple Apple Remote Desktop 3.0.0
Apple Apple Remote Desktop 3.1
Apple Apple Remote Desktop 3.2
Apple Apple Remote Desktop 3.3.2
Apple Apple Remote Desktop 3.4
Apple Apple Remote Desktop 3.5
Apple Apple Remote Desktop 3.5.1
Apple Apple Remote Desktop 3.2.2
Apple Apple Remote Desktop 3.3.1
Apple Apple Remote Desktop 3.5.2
Apple Apple Remote Desktop 3.2.1
Apple Apple Remote Desktop 3.3
Apple Apple Remote Desktop
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.1
Apple Mac Os X
Apple Mac Os X 10.8.0
NA
CVE-2008-0610
Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 prior to 01252008, when in LISTENING mode or when using the DSM plugin, allows remote malicious users to execute arbi...
Ultravnc Ultravnc 1.0.4 Rc7
Ultravnc Ultravnc 1.0.4 Rc8
Ultravnc Ultravnc 1.0.4
Ultravnc Ultravnc 1.0.4 Rc6
Ultravnc Ultravnc 1.0.2
1 EDB exploit
9.8
CVSSv3
CVE-2018-15361
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
Uvnc Ultravnc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »