153 matches found
qemu-kvm: VNC WebSocket handshake use-after-free
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...
CVE-2026-44988
CVE-2026-44988 concerns LibVNCClient (0.9.15 and earlier) where the Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter and does not reject Wide Tight rectangles. A malicious VNC server can send a FramebufferUpdate rectangle encoded with Tight (NoZlib | Expli...
CVE-2026-44988
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...
CVE-2026-7251 Eppendorf BioFlo 320 Use of hard-coded password
Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have ful...
EUVD-2026-31912
Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have...
CVE-2026-7251
Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have ful...
PT-2026-43357
Name of the Vulnerable Software and Affected Versions: Eppendorf BioFlo 320, affected versions not specified. Description: The VNC server uses a hard-coded password. A remote attacker who knows the network address of a device with remote access enabled can use this password to gain full control of th...
Eppendorf BioFlo 320 Security Vulnerability
The Eppendorf BioFlo 320 is a laboratory bioreactor control system developed by the German company Eppendorf. The Eppendorf BioFlo 320 has a security vulnerability, which stems from the VNC server using hard-coded passwords. This vulnerability could allow remote attackers to gain complete control...
Astra Linux - vulnerability in vlc
An integer overflow in the VNC module of the VideoLAN VLC Media Player, as of version 3.0.17.4, allows attackers to exploit this vulnerability by tricking users into opening a specially crafted playlist or connecting to a malicious VNC server. This can result in the crash of the VLC player or the...
Neat VNC Security Vulnerability
Neat VNC is a freely licensed VNC server library developed by Andri Yngvason. Versions of Neat VNC prior to 0.9.6 contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow in the RSA-AES security processor, which could allow unauthenticated remote attackers to cause...
Astra Linux - vulnerability in qemu
An integer underflow issue was discovered in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could exploit this flaw to render QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
[SECURITY] Fedora 42 Update: tigervnc-1.16.2-2.fc42
Virtual Network Computing (VNC) is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
CVE-2019-25600 UltraVNC Viewer 1.2.2.4 Denial of Service via Buffer Overflow
UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect t...
EUVD-2026-13964
OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...
CVE-2026-32064 OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer
OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...
OpenClaw Access Control Error Vulnerability
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.21 contained a security vulnerability related to access control. This vulnerability stemmed from the fact that the XaaS browser’s entry point did not perform authentication when...
CVE-2024-55025
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
PT-2026-22782
Name of the Vulnerable Software and Affected Versions: Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011. Description: An access control issue exists in the VNC component. This allows unauthorized attackers to access the HMI system. Recommendations: Update to a newer version that...
EUVD-2024-55464
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
CVE-2020-37134
CVE-2020-37134 affects UltraVNC Viewer 1.2.4.0. The vulnerability is a denial-of-service triggered by pasting a malformed 256-byte payload into the VNC Server connection dialog, which crashes the application. The available connected documents corroborate the affected software and the method to re...