1008 matches found
OPENSUSE-SU-2026:21118-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issue - CVE-2026-44988: missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of- bounds write bsc1266459...
SUSE-SU-2026:22190-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issue - CVE-2026-44988: missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of- bounds write bsc1266459...
SUSE-SU-2026:2427-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write bsc1266459...
Linux Distros Unpatched Vulnerability : CVE-2026-50538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libvncserver - None Ubuntu Linux - Attacker-controlled heap out-of-bounds write in libvncclient Tight decoder CVE-2026-50538 Note that Nessus...
Important: libvncserver
Issue Overview: LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A...
Amazon Linux 2 : libvncserver, --advisory ALAS2-2026-3331 (ALAS-2026-3331)
The version of libvncserver installed on the remote host is prior to 0.9.9-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3331 advisory. LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decod...
TencentOS Server 4: libvncserver (TSSA-2026:0246)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0246 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE-SU-2026:2227-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered out-of-bounds write bsc1266459...
LibVNCServer-devel-0.9.15-3.1 on GA media (moderate)
LibVNCServer-devel-0.9.15-3.1 on GA media Announcement ID: openSUSE-SU-2026:10905-1 Rating: moderate Cross-References: CVE-2026-44988 CVSS scores: CVE-2026-44988 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-44988 SUSE : 9.2...
OPENSUSE-SU-2026:10905-1 LibVNCServer-devel-0.9.15-3.1 on GA media
These are all security issues fixed in the LibVNCServer-devel-0.9.15-3.1 package on the GA media of openSUSE Tumbleweed...
LibVNCServer 缓冲区错误漏洞
LibVNCServer is a cross-platform C language library developed by LibVNC, which supports implementing VNC Virtual Network Computing server or client functions within programs. Versions of LibVNCServer prior to 0.9.15 contained a buffer error vulnerability. This vulnerability stemmed from the Tight...
Astra Linux – Vulnerability in libvncserver
A issue was discovered in LibVNCServer before version 0.9.13. An improperly closed TCP connection causes an infinite loop in the libvncclient/sockets.c file...
Astra Linux – Vulnerability in libvncserver
It has been discovered that libvncclient v0.9.13 contains a memory leak through the rfbClientCleanup function...
Astra Linux – Vulnerability in libvncserver
It was discovered that the websockets.c file in LibVNCServer prior to version 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, resulting in a heap-based buffer overflow...
Astra Linux – Vulnerability in Vino
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data. This allows remote attackers to cause a denial of service memory consumption or daemon crash by processing a...
Astra Linux – Vulnerability in Vino
A issue was discovered in LibVNCServer through version 0.9.11. The function rfbProcessClientNormalMessage in rfbserver.c does not sanitize the msg.cct.length variable, allowing access to uninitialized and potentially sensitive data, or possibly causing unspecified other impacts e.g., integer...
Astra Linux – Vulnerability in libvncserver
A divide by zero issue was detected in libvncserver-0.9.12. A malicious client could exploit this flaw to send a specially crafted message. When this message is processed by the VNC server, it will cause a floating-point exception, resulting in a denial of service...
Advisory ROSA-SA-2026-3283
Software: libvncserver 0.9.13 OS: ROSA-CHROME unaffected versions = libvncserver-0.9.13-3 affected versions libvncserver-0.9.13-3 CVE-ID: CVE-2026-32853 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A read outside the heap buffer vulnerability in the UltraZip encoding handler in LibVNCServer allows a...
OESA-2026-2255 libvncserver security update
libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...
OESA-2026-2252 libvncserver security update
libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...