SUSE CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

The vulnerability of the VNC module of the Media Player VLC allows a hacker to execute arbitrary code on the target system.

The vulnerability of the VNC media player VLC is related to a boundary error during the playback of a malicious URL address within the VNC module. Exploiting this vulnerability allows an attacker to remotely trick the victim into opening a specially created stream, causing memory corruption and...

DEBIAN-CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

UBUNTU-CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

QEMU 数字错误漏洞

QEMU Quick Emulator is a set of emulation processor software from Fabrice Bellard, a French personal developer. QEMU VNC server has a denial of service vulnerability, which stems from an integer underflow in the processing of ClientCutText messages in extended format, which can be exploited by an...

CVE-2022-36436

OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacke...

PYSEC-2022-267

OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacke...

CVE-2022-24422

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console...

The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the VNC client software for remote desktop management, UltraVNC, relates to writing beyond the buffer boundaries in memory. This allows a malicious actor to trigger a service failure.

The vulnerability of the VNC client software for remote desktop management, UltraVNC, is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

The vulnerability of the software for implementing VNC functions of LibVNCServer lies in the lack of checks for division by zero, which allows a perpetrator to trigger a service failure.

The vulnerability of the software for implementing VNC functions of LibVNCServer is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

Trickbot Malware Rebounds with Virtual-Desktop Espionage Module

The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its “vncDll” module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been “a...

The vulnerability of the CopyRectDecoder decoder in the VNC TigerVNC software allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CopyRectDecoder decoder in the VNC TigerVNC software is related to the operation of pushing the output data within acceptable buffer limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause servic...

The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, is related to the execution of operations within the allowable buffer size limits. Exploiting this vulnerability can allow a remote attacker to gain access t...

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

LibVNCServer code issue vulnerability (CNVD-2020-36782)

LibVNCServer is a cross-platform C library that supports the implementation of VNC Virtual Network Computing server or client functionality in a program. A code issue vulnerability exists in the libvncclient/tlsopenssl.c file in versions of LibVNCServer prior to 0.9.13. A remote attacker could...

USN-4372-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. CVE-2019-15034 It was discovered that QEMU incorrectly handled memo...

The vulnerability of the VNC Server component of the remote desktop management software UltraVNC, which is part of the monitoring, control, and remote maintenance module for the commercial cold production equipment of TelevisGo, allows a perpetrator to execute arbitrary code.

The vulnerability of the VNC Server component of the UltraVNC software, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment of TelevisGo, is related to incorrect calculations in the software. Exploiting this vulnerability allows a...

The vulnerability of the ClientConnection::ReadString function in the VNC client component of the UltraVNC software, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment of TelevisGo, allows a perpetrator to execute arbitrary code.

The vulnerability of the ClientConnection::ReadString function in the VNC component of the UltraVNC software for remote desktop management systems, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment like TelevisGo, is related to a...

The vulnerability of the CoRRE decoder’s VNC client, a software tool for managing remote desktops like UltraVNC, allows a hacker to execute arbitrary code.

The vulnerability of the CoRRE decoder’s VNC client, a software component for managing remote desktops such as UltraVNC, lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...