CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/07/05 12:4 p.m.•6 views

CVE-2025-27457

All communication between the VNC server and clients is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data...

6.5CVSS6.3AI score0.00157EPSS

Exploits0References1

Vulnrichment•added 2025/07/03 11:32 a.m.•4 views

CVE-2025-27457 CVE-2025-27457

All communication between the VNC server and clients is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data...

6.5CVSS6.9AI score0.00157EPSS

Exploits0References6

Pen Test Partners Blog•added 2025/05/16 5:30 a.m.•7 views

VNC. RDP for all to see

TL;DR VNC still remains in some legacy environments due to legacy deployments and ease of use. Without proprietary extensions, VNC transmits data without encryption, making credential theft through packet sniffing possible. The captured challenge and response between a VNC client and server can...

7.2AI score

Exploits0

OpenVAS•added 2021/09/23 12:0 a.m.•18 views

SUSE: Security Advisory (SUSE-SU-2021:3125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.00371EPSS

Exploits2References7

OSV•added 2021/09/16 5:49 p.m.•6 views

SUSE-SU-2021:3125-1 Security update for gtk-vnc

This update for gtk-vnc fixes the following issues: - CVE-2017-5885: Correctly validate color map range indexes bsc1024268. - CVE-2017-5884: Fix bounds checking for RRE, hextile & copyrect encodings bsc1024266. - Fix crash when opening connection from a GSocketAddress bsc1046782. - Fix possible...

9.8CVSS8.7AI score0.00371EPSS

Exploits2References7

Oracle linux•added 2009/02/11 12:0 a.m.•21 views

vnc security update

4.1.2-14.el53.1 - CVE-2008-4770...

10CVSS1.8AI score0.0582EPSS

Exploits0

Tenable Nessus•added 2004/12/01 12:0 a.m.•188 views

Hydra: VNC

This plugin runs Hydra to find VNC passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...

5.4AI score

Exploits0

RedHat Linux•added 2003/02/26 4:23 p.m.•4 views

Moderate: Red Hat Security Advisory: vnc security update

Updated VNC packages are available to fix a weak cookie vulnerability. VNC is a tool for providing a remote graphical user interface. The VNC server acts as an X server, but the script for starting it generates an MIT X cookie which is used for X authentication without using a strong enough rando...

5CVSS5.8AI score0.01351EPSS

Exploits0References2

RedHat Linux•added 2003/02/21 8:40 a.m.•5 views

Moderate: Red Hat Security Advisory: : : : Updated VNC packages fix replay and cookie vulnerabilities

Updated VNC packages are available, fixing a challenge replay and a weak cookie vulnerability. Updated 10 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. VNC is a tool for providing a remote graphical user interface. Two vulnerabilities have been found in versions o...

7.5CVSS5.8AI score0.01351EPSS

Exploits0References2

RedHat Linux•added 2003/01/16 3:46 p.m.•2 views

Moderate: Red Hat Security Advisory: vnc security update

Updated VNC packages are available to fix a challenge replay attack that is present in the VNC server. VNC is a tool for providing a remote graphical user interface. The VNC DES authentication scheme is implemented using a challenge-response architecture, producing a random and different challeng...

7.5CVSS5.8AI score0.01074EPSS

Exploits0References3