CVE-2025-40743

A vulnerability has been identified in SINUMERIK 828D PPU.4 All versions V4.95 SP5, SINUMERIK 828D PPU.5 All versions V5.25 SP1, SINUMERIK 840D sl All versions V4.95 SP5, SINUMERIK MC All versions V1.25 SP1, SINUMERIK MC V1.15 All versions V1.15 SP5, SINUMERIK ONE All versions V6.25 SP1, SINUMERI...

CVE-2025-40743

A vulnerability has been identified in SINUMERIK 828D PPU.4 All versions V4.95 SP5, SINUMERIK 828D PPU.5 All versions V5.25 SP1, SINUMERIK 840D sl All versions V4.95 SP5, SINUMERIK MC All versions V1.25 SP1, SINUMERIK MC V1.15 All versions V1.15 SP5, SINUMERIK ONE All versions V6.25 SP1, SINUMERI...

CVE-2025-40743

CVE-2025-40743 affects multiple Siemens SINUMERIK controllers (828D PPU.4, 828D PPU.5, 840D sl, MC, MC V1.15, ONE, ONE V6.15) with VNC access authentication that does not validate passwords sufficiently. This could enable unauthorized remote access to affected systems and potentially impact confi...

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

[SECURITY] Fedora 42 Update: tigervnc-1.15.0-6.fc42

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

Consilium Safety CS5000 Fire Panel 信任管理问题漏洞

The Consilium Safety CS5000 Fire Panel is a fire alarm control panel from Consilium Safety of Sweden. A trust management issue vulnerability exists in the Consilium Safety CS5000 Fire Panel that stems from the presence of hard-coded passwords on the VNC server, which could lead to remote access t...

Qemu: vnc: null pointer dereference in qemu_clipboard_request()

...

[SECURITY] Fedora 41 Update: tigervnc-1.15.0-2.fc41

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

[SECURITY] Fedora 42 Update: tigervnc-1.15.0-2.fc42

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message resulting in a denial of service.

...

[SECURITY] Fedora 39 Update: perl-Data-UUID-1.227-1.fc39

This module provides a framework for generating v3 UUIDs Universally Unique Identifiers, also known as GUIDs Globally Unique Identifiers. A UUID is 128 bits long, and is guaranteed to be different from all other UUIDs/GUIDs generated until 3400 CE. UUIDs were originally used in the Network...

AZL-40048 CVE-2023-6683 affecting package qemu for versions less than 6.2.0-21

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

UBUNTU-CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

[SECURITY] Fedora 38 Update: tigervnc-1.13.1-9.fc38

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

CVE-2023-43826 Apache Guacamole: Integer overflow in handling of VNC image buffers

Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...

PT-2023-29003 · Apache +1 · Apache Guacamole +1

Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.5.3 and older Description: The issue arises from inconsistent handling of values received from a VNC server, which can lead to integer overflow. If a user connects to a malicious or compromised VNC server,...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

CVE-2023-47251

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...