19 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An...
Weintek cMT-3072XH2 easyweb 安全漏洞
Weintek cMT-3072XH2 easyweb is an intelligent human-machine interaction interface developed by Weintek Company in Taiwan, China. The version v2.1.53 of Weintek cMT-3072XH2 easyweb contains a security vulnerability. This vulnerability stems from improper access control in the VNC component, which...
MiracleLinux 3 : vnc-4.1.2-14.1.0.1.AXS3 (AXSA:2010-240:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-240:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is runnin...
RHEL 8 : tigervnc (RHSA-2025:22167)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22167 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
CLSA-2025-1743071343 tigervnc: Fix of CVE-2025-26601
CVE-2025-26601: xorg-x11-server: fix use-after-free issue by adding check to ensure new sync object is added before alarm triggers...
Linux Distros Unpatched Vulnerability : CVE-2017-5884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y...
GLSA-202411-01 : Neat VNC: Authentication Bypass
The remote host is affected by the vulnerability described in GLSA-202411-01 Neat VNC: Authentication Bypass Neat VNC allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as Type 1 - None, which is accepted even if it is not...
The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, is related to the execution of operations within the allowable buffer size limits. Exploiting this vulnerability can allow a remote attacker to gain access t...
Arbitrary Code Execution
vnc is vulnerable to arbitrary code execution. The vulnerability exists as an insufficient input validation flaw was discovered in the VNC client application, vncviewer. If an attacker could convince a victim to connect to a malicious VNC server, or when an attacker was able to connect to vncview...
CVE-2019-8264
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204...
VMware VNC Pointer Decode Code Execution Vulnerability(CVE-2017-4941)
Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a type confusion resulting in stack overwrite, which could lead to code execution. An attacker can initiate a VNC session to trigger this...
Fedora 26 : 2:qemu (2017-9149114fba)
Fix usb3 drive issues with windows guests bz 1493196 - CVE-2017-15038: 9p: information disclosure when reading extended attributes bz 1499111 - CVE-2017-15268: potential memory exhaustion via websock connection to VNC bz 1496882 - CVE-2017-14167: multiboot OOB access while loading kernel image bz...
MGASA-2017-0057 Updated gtk-vnc packages fix security vulnerability
It was found that gtk-vnc code does not properly check boundaries of subrectangle-containing tiles. A malicious server can use this to overwrite parts of the client memory CVE-2017-5884. In addition, the vncconnectionservermessage and vnccolormapset functions do not check for integer overflow...
QEMU 'ui/vnc.c' Denial of Service Vulnerability
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU. An attacker can exploit this vulnerability to crash a virtual machine, causing a denial of service...
QEMU 0.9 and KVM 36/79 VNC Server Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32910/info QEMU and KVM are prone to a remote denial-of-service vulnerability that affects the included VNC server. Attackers can exploit this issue to create a denial-of-service condition. The following are vulnerable:...
UltraVNC/TightVNC Integer Overflow
!/usr/bin/env python POC: Multiple VNC Clients Multiple Integer Overflow VulnerabilitiesUltraVNC and TightVNC, BID 33568 Author: Andres Lopez Luksenberg Visit: http://208.66.16.113/andres/ import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM serversocket.bind'', 5900...
CVE-2004-1750
RealVNC 4.0 and earlier allows remote attackers to cause a denial of service crash via a large number of connections to port 5900...
DEBIAN-CVE-2002-1336
TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users...
Sun SunPCi II VNC Software 2.3 - Password Disclosure
Sun SunPCi II VNC Software 2.3 - Password Disclosure // source: https://www.securityfocus.com/bid/5146/info The SunPCi II card is a co-processor for a number of Solaris based systems, and provides PC software compatibility, including the ability to run Microsoft Windows. Driver software is...