OPENSUSE-SU-2026:20552-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

SUSE-SU-2026:21206-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

Amazon Linux 2 : libvncserver, --advisory ALAS2-2026-3247 (ALAS-2026-3247)

The version of libvncserver installed on the remote host is prior to 0.9.9-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3247 advisory. LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in th...

SUSE: Security Advisory (SUSE-SU-2026:1174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:1173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2026:1174-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1174-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: craft...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : LibVNCServer (SUSE-SU-2026:1173-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1173-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial...

Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429. Patch Instructions: To install this SUSE...

SUSE-SU-2026:1174-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429. Patch Instructions: To install this SUSE...

Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429. Patch Instructions: To install this SUSE...

SUSE-SU-2026:1124-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafted HTTP requests can cause a denial of service bsc1260429...

OPENSUSE-SU-2026:10433-1 LibVNCServer-devel-0.9.15-2.1 on GA media

These are all security issues fixed in the LibVNCServer-devel-0.9.15-2.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2026-32853

LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the...

SUSE CVE-2026-32854

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

Linux Distros Unpatched Vulnerability : CVE-2026-32854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInp...

Linux Distros Unpatched Vulnerability : CVE-2026-32853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a...

CVE-2026-32854

A flaw was found in LibVNCServer. This vulnerability allows a remote attacker to cause a Denial of Service DoS by sending specially crafted HTTP requests. The flaw exists in the HTTP proxy handlers, where missing validation of certain return values can lead to a null pointer dereference, causing...

CVE-2026-32853

A flaw was found in LibVNCServer. A malicious VNC server can exploit an improper bounds checking vulnerability in the UltraZip encoding handler, specifically within the HandleUltraZipBPP function. By manipulating subrectangle header counts, an attacker can read beyond the allocated memory buffer...

CVE-2026-32854

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...