UBUNTU-CVE-2019-15681

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...

DEBIAN-CVE-2017-18635

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name...

PT-2019-2935 · Cisco · Cisco Enterprise Nfv Infrastructure

Name of the Vulnerable Software and Affected Versions: Cisco Enterprise NFV Infrastructure Software NFVIS affected versions not specified Description: A vulnerability in the Virtual Network Computing VNC console implementation could allow an unauthenticated, remote attacker to access the VNC...

Information Disclosure

Vino is a Virtual Network Computing VNC server for GNOME. It allows remote users to connect to a running GNOME session using VNC. It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A...

The vulnerability of the component for implementing remote access to the desktop based on the VNC protocol in the Astra Linux operating system, related to the incorrect use of flags during compilation, allows a hacker to trigger a service failure.

The vulnerability of the component for implementing remote access to the desktop based on the VNC protocol in the Astra Linux operating system is related to the incorrect use of flags during compilation. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

UltraVNC Code Execution Vulnerability

UltraVNC is an open source remote terminal control software for the Windows platform. A security vulnerability exists in the VNC server code in UltraVNC version 1211. An attacker could exploit the vulnerability to execute code...

CVE-2019-8273

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...

CVE-2019-8265

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in...

CVE-2019-8272

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...

UltraVNC Buffer Overflow Vulnerability

UltraVNC is an open source remote terminal control software for the Windows platform. A buffer overflow vulnerability exists in the VNC client code in UltraVNC version 1198. An attacker could exploit this vulnerability to execute code...

CVE-2018-15361

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...

The vulnerability of the LibVNC library, related to reading data beyond the specified buffer, allows a hacker to execute arbitrary code.

The vulnerability of the LibVNC library relates to the reading of data beyond the specified buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VNC Repeater component of the LibVNC library, which allows a hacker to disclose protected information

The vulnerability of the VNC Repeater component in the client library LibVNC is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of Siemens Sinumerik programmable logic controllers is related to an error in processing network packets by the VNC server. This error allows a intruder to trigger a service failure of the VNC server.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to an error in processing network packets by the VNC server. Exploiting this vulnerability allows a malicious actor to cause a service failure on the VNC server by sending specially crafted packets to port 5900/TCP...

The vulnerability of Siemens Sinumerik programmable logic controllers lies in the integer overflow that occurs in the VNC server. This allows a perpetrator to execute arbitrary code with privileged privileges.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to a numerical overflow in the VNC server. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with privileged privileges by sending specially crafted packets to port 5900/TCP...

LibVNC Improper Initialization Vulnerability

LibVNC is a cross-platform C library for implementing VNC server and client functionality. A security vulnerability exists in the VNC client code in versions prior to LibVNC 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838, which stems from incorrect initialization of the program. An attacker could explo...

LibVNC Null Pointer Reverse Reference Vulnerability

LibVNC is a cross-platform C library for implementing VNC server and client functionality. A null pointer back-reference vulnerability exists in VNC client code in versions prior to LibVNC commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7. An attacker could exploit this vulnerability to cause a...

DEBIAN-CVE-2018-20022

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...

UBUNTU-CVE-2018-20019

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution...

Multiple Siemens Products Denial of Service Vulnerabilities

Siemens SINUMERIK 808D and so on are the German Siemens Siemens company's CNC machine tool system controller. A security vulnerability exists in several Siemens products. A remote attacker could exploit this vulnerability by using the integrated VNC server on port 5900/tcp to cause a denial of...