Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vnc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-8262
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.
Uvnc Ultravnc
Siemens Sinumerik Access Mymachine\\/p2p
Siemens Sinumerik Pcu Base Win10 Software\\/ipc
Siemens Sinumerik Pcu Base Win7 Software\\/ipc
7.5
CVSSv2
CVE-2019-8280
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.
Uvnc Ultravnc
7.5
CVSSv2
CVE-2019-8264
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.
Uvnc Ultravnc
6.5
CVSSv2
CVE-2014-8750
Race condition in the VMware driver in OpenStack Compute (Nova) prior to 2014.1.4 and 2014.2 prior to 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.
Openstack Nova
Openstack Nova 2014.2
5.8
CVSSv2
CVE-2011-1775
The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle malicious users to spoof a TLS VNC server via an arbitrary certificate...
Tigervnc Tigervnc 1.1
7.5
CVSSv2
CVE-2019-8271
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
Uvnc Ultravnc
Siemens Sinumerik Access Mymachine\\/p2p
Siemens Sinumerik Pcu Base Win10 Software\\/ipc
Siemens Sinumerik Pcu Base Win7 Software\\/ipc
6.8
CVSSv2
CVE-2008-5660
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x prior to 0.5.2 and 2.x prior to 2.24.2 might allow remote malicious users to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
Gnome Vinagre 2.23.1
Gnome Vinagre 2.23.2
Gnome Vinagre 2.24.1
Gnome Vinagre 0.5.0
Gnome Vinagre 2.23.4
Gnome Vinagre 2.23.90
Gnome Vinagre 2.23.3
Gnome Vinagre 2.23.3.1
Gnome Vinagre 0.5.1
Gnome Vinagre 2.23.92
Gnome Vinagre 2.23.91
Gnome Vinagre 2.24.0
1 EDB exploit
5
CVSSv2
CVE-2013-1430
An issue exists in xrdp prior to 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
Neutrinolabs Xrdp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2019-8267
UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.
Uvnc Ultravnc
5
CVSSv2
CVE-2019-8269
UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 120...
Uvnc Ultravnc
Siemens Sinumerik Access Mymachine\\/p2p
Siemens Sinumerik Pcu Base Win10 Software\\/ipc
Siemens Sinumerik Pcu Base Win7 Software\\/ipc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »