19 matches found
Mageia: Security Advisory (MGASA-2019-0037)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:13927-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0080-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4587-1: iTALC vulnerabilities
Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...
Ubuntu 16.04 LTS : SSVNC vulnerabilities (USN-4547-2)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4547-2 advisory. It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to...
Ubuntu: Security Advisory (USN-4547-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4547-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4547-2: SSVNC vulnerabilities
It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-202...
[SECURITY] [DLA 2045-1] tightvnc security update
Package : tightvnc Version : 1.3.9-6.5+deb8u1 CVE ID : CVE-2014-6053 CVE-2018-7225 CVE-2019-8287 CVE-2018-20021 CVE-2018-20022 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681 Debian Bug : 945364 Several vulnerabilities have recently been discovered in TightVNC 1.x, an X11 based VNC...
Debian: Security Advisory (DLA-2016-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-201908-05 : LibVNCServer: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201908-05 LibVNCServer: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LibVNCServer. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers...
openSUSE Security Update : LibVNCServer (openSUSE-2019-53)
This update for LibVNCServer fixes the following issues : Security issues fixed : - CVE-2018-15126: Fixed use-after-free in file transfer extension bsc1120114 - CVE-2018-6307: Fixed use-after-free in file transfer extension server code bsc1120115 - CVE-2018-20020: Fixed heap out-of-bound write...
openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2019:0053-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for LibVNCServer (important)
openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2019:0053-1 Rating: important References: 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 Cross-References: CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021...
SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2019:13927-1)
This update for LibVNCServer fixes the following issues : Security issues fixed : CVE-2018-15126: Fixed use-after-free in file transfer extension bsc1120114 CVE-2018-6307: Fixed use-after-free in file transfer extension server code bsc1120115 CVE-2018-20020: Fixed heap out-of-bound write inside...
Debian: Security Advisory (DLA-1617-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-20022
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...
CVE-2018-20022
CVE-2018-20022 affects LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 in the VNC client code. The root cause is an improper initialization weakness (CWE-665) that allows an attacker to read stack memory, enabling information disclosure. When combined with another vulnerability, this can b...
CVE-2018-20022
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...