CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2023/02/15 4:35 a.m.•3 views

SUSE CVE-2017-18922

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow...

8.1CVSS7.2AI score0.02259EPSS

Exploits0References11

SUSE CVE•added 2023/02/15 4:29 a.m.•2 views

SUSE CVE-2018-7225

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...

7.1CVSS7.3AI score0.06449EPSS

Exploits1References7

SUSE CVE•added 2023/02/15 4:20 a.m.•1 views

SUSE CVE-2018-20750

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete...

9.8CVSS9.4AI score0.03335EPSS

Exploits1References10

SUSE CVE•added 2023/02/15 4:20 a.m.•2 views

SUSE CVE-2018-21247

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak of uninitialized memory contents in the libvncclient/rfbproto.c ConnectToRFBRepeater function...

7.5CVSS9.1AI score0.02358EPSS

SUSE CVE•added 2023/02/15 4:8 a.m.•1 views

SUSE CVE-2019-15690

LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution...

7.5CVSS9.9AI score0.00713EPSS

SUSE CVE•added 2023/02/15 4:5 a.m.•2 views

SUSE CVE-2019-20788

libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690...

7.5CVSS9.6AI score0.02436EPSS

Exploits1References9

SUSE CVE•added 2023/02/15 4:5 a.m.•0 views

SUSE CVE-2019-20839

libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename...

7.5CVSS9.6AI score0.03589EPSS

SUSE CVE•added 2023/02/15 4:5 a.m.•1 views

SUSE CVE-2019-20840

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/wsdecode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode...

7.5CVSS9.2AI score0.02593EPSS

7.5CVSS7AI score0.02573EPSS

SUSE CVE-2020-14396

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tlsopenssl.c has a NULL pointer dereference...

Exploits0References3

SUSE CVE•added 2023/02/15 3:57 a.m.•2 views

SUSE CVE-2020-14397

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference...

6.5CVSS9.3AI score0.0339EPSS

SUSE CVE•added 2023/02/15 3:57 a.m.•2 views

SUSE CVE-2020-14398

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c...

6.5CVSS9.3AI score0.02756EPSS

4.3CVSS9.3AI score0.02802EPSS

SUSE CVE-2020-14399

An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed...

4.3CVSS9.1AI score0.0284EPSS

SUSE CVE-2020-14400

An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary...

6.5CVSS9.3AI score0.02462EPSS

SUSE CVE-2020-14401

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixelvalue integer overflow...

6.3CVSS9.3AI score0.01943EPSS

SUSE CVE-2020-14402

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings...