LibVNCServer-devel-0.9.15-3.1 on GA media (moderate)

LibVNCServer-devel-0.9.15-3.1 on GA media Announcement ID: openSUSE-SU-2026:10905-1 Rating: moderate Cross-References: CVE-2026-44988 CVSS scores: CVE-2026-44988 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-44988 SUSE : 9.2...

OPENSUSE-SU-2026:10905-1 LibVNCServer-devel-0.9.15-3.1 on GA media

These are all security issues fixed in the LibVNCServer-devel-0.9.15-3.1 package on the GA media of openSUSE Tumbleweed...

LibVNCServer 缓冲区错误漏洞

LibVNCServer is a cross-platform C language library developed by LibVNC, which supports implementing VNC Virtual Network Computing server or client functions within programs. Versions of LibVNCServer prior to 0.9.15 contained a buffer error vulnerability. This vulnerability stemmed from the Tight...

Astra Linux - уязвимость в libvncserver

It was discovered that the websockets.c file in LibVNCServer prior to version 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, resulting in a heap-based buffer overflow...

Advisory ROSA-SA-2026-3283

Software: libvncserver 0.9.13 OS: ROSA-CHROME unaffected versions = libvncserver-0.9.13-3 affected versions libvncserver-0.9.13-3 CVE-ID: CVE-2026-32853 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A read outside the heap buffer vulnerability in the UltraZip encoding handler in LibVNCServer allows a...

OESA-2026-2255 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

OESA-2026-2252 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

Astra Linux - уязвимость в libvncserver

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c...

Astra Linux - уязвимость в libvncserver

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service...

Astra Linux - уязвимость в libvncserver

It has been discovered that libvncclient v0.9.13 contains a memory leak through the rfbClientCleanup function...

Astra Linux - уязвимость в vino

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data. This allows remote attackers to cause a denial of service memory consumption or daemon crash by processing a...

Astra Linux - уязвимость в vino

A issue was discovered in LibVNCServer through version 0.9.11. The function rfbProcessClientNormalMessage in rfbserver.c does not sanitize the msg.cct.length variable, allowing access to uninitialized and potentially sensitive data, or possibly causing unspecified other impacts e.g., integer...

SUSE SLES16 Security Update : LibVNCServer (SUSE-SU-2026:21206-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21206-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. -...

openSUSE 16 Security Update : LibVNCServer (openSUSE-SU-2026:20552-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20552-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafte...

Security update for LibVNCServer (important)

openSUSE security update: security update for libvncserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20552-1 Rating: important References: bsc1260429 bsc1260431 Cross-References: CVE-2026-32853 CVE-2026-32854 CVSS scores: CVE-2026-32853 SUSE :...

OPENSUSE-SU-2026:20552-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

SUSE-SU-2026:21206-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

Amazon Linux 2 : libvncserver, --advisory ALAS2-2026-3247 (ALAS-2026-3247)

The version of libvncserver installed on the remote host is prior to 0.9.9-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3247 advisory. LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in th...

SUSE: Security Advisory (SUSE-SU-2026:1174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:1173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...