Lucene search
K

3511 matches found

Nuclei
Nuclei
added yesterday103 views

Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation CNCF as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to...

9.8CVSS6AI score0.33618EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58073

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.2 FortiSandbox versions 4.4.3 through 4.4.8 Description An exposure of resource to wrong sphere issue allows an unauthenticated attacker to access the VNC server of virtual machines performing scanning v...

8.6CVSS6.1AI score
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/08 8:54 p.m.5 views

gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.6AI score0.0053EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: tigervnc-1.16.2-4.fc43

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

9.1CVSS6.8AI score0.00489EPSS
Exploits0
Fedora
Fedora
added 2026/06/23 1:9 a.m.6 views

[SECURITY] Fedora 44 Update: tigervnc-1.16.2-4.fc44

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

9.1CVSS6.8AI score0.00489EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/18 1:53 a.m.6 views

SUSE CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.5AI score0.0053EPSS
Exploits0References3
OSV
OSV
added 2026/06/15 8:16 p.m.6 views

DEBIAN-CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 8:16 p.m.11 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS0.0053EPSS
Exploits0References7
CVE
CVE
added 2026/06/15 7:15 p.m.48 views

CVE-2026-52720

GStreamer: librfb (RFB/VNC client) is affected by a heap buffer overflow caused by improper bounds checking of rectangle dimensions, allowing a malicious VNC server to send a rectangle extending beyond the framebuffer. This can lead to an out-of-bounds heap write and, per the report, potential co...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/15 7:15 p.m.7 views

CVE-2026-52720 Gstreamer1-plugins-bad-free: gstreamer: heap buffer overflow via crafted vnc server rectangle in librfb

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/15 7:15 p.m.10 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6AI score0.0053EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.10 views

Space Fabric: A Satellite-Enhanced Trusted Execution Architecture

The emergence of decentralized satellite networks and orbital computing platforms creates a pressing need for trust architectures that can operate without physical access to the hardware, without reliance on pre-provisioned vendor secrets, and without dependence on a single manufacturer's...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Microsoft Azure Stack Edge 输入验证错误漏洞

Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. There are security vulnerabilities present in Microsoft Azure Stack Edge. Attackers can exploit these vulnerabilities to execute code remotely...

9.8CVSS5.9AI score0.00753EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

RHEL 9 : tigervnc (RHSA-2026:22424)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22424 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

9.8CVSS5.7AI score0.00489EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/06/01 2:0 a.m.19 views

qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

7.5CVSS5.7AI score0.00783EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/05/31 11:34 a.m.93 views

CodeAlpha_SQLInjectionSecurity

CodeAlphaSQLInjectionSecur...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/27 2:26 p.m.12 views

CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.8CVSS5.8AI score0.00242EPSS
Exploits0
CVE
CVE
added 2026/05/27 2:26 p.m.28 views

CVE-2026-44988

CVE-2026-44988 concerns LibVNCClient (0.9.15 and earlier) where the Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter and does not reject Wide Tight rectangles. A malicious VNC server can send a FramebufferUpdate rectangle encoded with Tight (NoZlib | Expli...

8.8CVSS5.8AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 5:6 p.m.18 views

EUVD-2026-31912

Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have...

9.8CVSS5.9AI score0.00498EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:6 p.m.7 views

CVE-2026-7251

Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have ful...

9.8CVSS5.9AI score0.00498EPSS
Exploits0References4
Rows per page
Query Builder