Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libvncserver project libvncserver vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2016-9941
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the clie...
Libvncserver Project Libvncserver
1 Article
1000
VMScore
CVE-2016-9942
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer prior to 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payl...
Libvncserver Project Libvncserver 0.9.10
1 Article
850
VMScore
CVE-2020-29260
libvncclient v0.9.13 exists to contain a memory leak via the function rfbClientCleanup().
Libvncserver Project Libvncserver 0.9.13
Debian Debian Linux 10.0
850
VMScore
CVE-2010-5304
A NULL pointer dereference flaw was found in the way LibVNCServer prior to 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Libvncserver Project Libvncserver
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
850
VMScore
CVE-2020-25708
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
Libvncserver Project Libvncserver 0.9.12
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
850
VMScore
CVE-2020-14399
An issue exists in LibVNCServer prior to 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
850
VMScore
CVE-2020-14400
An issue exists in LibVNCServer prior to 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
750
VMScore
CVE-2020-14401
An issue exists in LibVNCServer prior to 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
Libvncserver Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
1000
VMScore
CVE-2017-18922
It exists that websockets.c in LibVNCServer before 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
Libvncserver Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
850
VMScore
CVE-2018-20022
LibVNC prior to 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows malicious user to read stack memory and can be abuse for information disclosure. Combined with another vulnerability...
Libvnc Project Libvncserver
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-25291
CVE-2025-29358
download manager
visual bacnet capture tool
golang.org/x/net
CVE-2025-1429
log injection
codename065
local users
CVE-2025-29359
CVE-2025-27363
CVE-2025-2104
wireless
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »