Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-4573-1
HistoryOct 07, 2020 - 12:45 p.m.

vino vulnerabilities

2020-10-0712:45:39
Google
osv.dev
3

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.2%

JSON

Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText
messages. A remote attacker could use this issue to cause the server to
crash, resulting in a denial of service. (CVE-2014-6053)

It was discovered that Vino incorrectly handled certain packet lengths. A
remote attacker could possibly use this issue to obtain sensitive
information, cause a denial of service, or execute arbitrary code.
(CVE-2018-7225)

Pavel Cheremushkin discovered that an information disclosure vulnerability
existed in Vino when sending a ServerCutText message. An attacker could
possibly use this issue to expose sensitive information. (CVE-2019-15681)

It was discovered that Vino incorrectly handled region clipping. A remote
attacker could possibly use this issue to cause Vino to crash, resulting in
a denial of service. (CVE-2020-14397)

It was discovered that Vino incorrectly handled encodings. A remote
attacker could use this issue to cause Vino to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2020-14402,
CVE-2020-14403, CVE-2020-14404)

Related

nessus 52
openvas 50
ubuntu 3
mageia 6
debian 7
osv 13
ubuntucve 7
virtuozzo 2
prion 7
veracode 7
debiancve 7
alpinelinux 6
cve 7
redhatcve 6
suse 7
ics 1
centos 2
fedora 3
oraclelinux 2
redhat 2
amazon 1
rosalinux 1
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Vino vulnerabilities (USN-4573-1)
2020-10-08 00:00:00
Debian DLA-2014-1 : vino security update
2019-12-03 00:00:00
Debian DLA-2347-1 : libvncserver security update
2020-08-31 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4573-1)
2020-10-08 00:00:00
Mageia: Security Advisory (MGASA-2020-0288)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-2014-1)
2019-11-30 00:00:00
ubuntu
ubuntu
Vino vulnerabilities
2020-10-07 00:00:00
LibVNCServer vulnerabilities
2020-07-23 00:00:00
LibVNCServer vulnerability
2018-04-04 00:00:00
mageia
mageia
Updated vino packages fix security vulnerability
2020-07-10 11:01:08
Updated vino packages fix security vulnerability
2020-06-11 00:39:20
Updated libvncserver packages fix security vulnerability
2020-07-05 22:48:23
debian
debian
[SECURITY] [DLA 2014-1] vino security update
2019-11-29 08:30:55
[SECURITY] [DLA 2264-1] libvncserver security update
2020-06-30 09:29:43
[SECURITY] [DLA 2347-1] libvncserver security update
2020-08-28 21:36:49
osv
osv
vino - security update
2019-11-29 00:00:00
libvncserver - security update
2020-06-30 00:00:00
libvncserver - security update
2020-08-28 00:00:00
ubuntucve
ubuntucve
CVE-2020-14403
2020-06-17 00:00:00
CVE-2020-14404
2020-06-17 00:00:00
CVE-2020-14402
2020-06-17 00:00:00
virtuozzo
virtuozzo
Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 2 (7.0.14-258)
2020-08-19 00:00:00
Important product security update: Virtuozzo 6.0 Update 12 Hotfix 49 (6.0.12-3754)
2019-12-06 00:00:00
prion
prion
Null pointer dereference
2020-06-17 16:15:00
Design/Logic Flaw
2020-06-17 16:15:00
Design/Logic Flaw
2020-06-17 16:15:00
veracode
veracode
Denial Of Service (DoS)
2020-06-18 06:16:46
Denial Of Service (DoS)
2020-06-18 03:02:53
Information Disclosure
2019-10-31 01:17:46
debiancve
debiancve
CVE-2020-14397
2020-06-17 16:15:00
CVE-2020-14403
2020-06-17 16:15:00
CVE-2020-14402
2020-06-17 16:15:00
alpinelinux
alpinelinux
CVE-2020-14397
2020-06-17 16:15:00
CVE-2020-14402
2020-06-17 16:15:00
CVE-2020-14403
2020-06-17 16:15:00
cve
cve
CVE-2020-14402
2020-06-17 16:15:00
CVE-2020-14403
2020-06-17 16:15:00
CVE-2020-14397
2020-06-17 16:15:00
redhatcve
redhatcve
CVE-2020-14403
2020-07-24 10:37:48
CVE-2020-14402
2020-07-24 11:37:51
CVE-2020-14397
2020-07-24 11:07:44
suse
suse
Security update for vino (moderate)
2020-07-26 00:00:00
Security update for LibVNCServer (important)
2020-07-21 00:00:00
Security update for LibVNCServer (important)
2020-05-11 00:00:00
ics
ics
Siemens SIMATIC ITC
2021-12-16 12:00:00
centos
centos
libvncserver security update
2018-05-30 18:24:07
kdenetwork security update
2014-11-12 09:44:41
fedora
fedora
[SECURITY] Fedora 27 Update: libvncserver-0.9.11-5.fc27
2018-03-27 20:18:22
[SECURITY] Fedora 28 Update: libvncserver-0.9.11-6.fc28
2018-03-30 13:40:02
[SECURITY] Fedora 26 Update: libvncserver-0.9.11-3.fc26
2018-04-03 14:25:24
oraclelinux
oraclelinux
libvncserver security update
2018-04-17 00:00:00
kdenetwork security update
2014-11-11 00:00:00
redhat
redhat
(RHSA-2018:1055) Moderate: libvncserver security update
2018-04-10 08:05:00
(RHSA-2014:1827) Moderate: kdenetwork security update
2014-11-11 14:45:20
amazon
amazon
Medium: libvncserver
2018-05-10 17:21:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1900
2021-07-02 17:22:34

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.2%

JSON
Related for OSV:USN-4573-1
nessus52openvas50ubuntu3mageia6debian7osv13ubuntucve7virtuozzo2prion7veracode7debiancve7alpinelinux6cve7redhatcve6suse7ics1centos2fedora3oraclelinux2redhat2amazon1rosalinux1