537 matches found
EUVD-2022-45079
Malicious code in bioql PyPI...
EUVD-2022-42588
Malicious code in bioql PyPI...
EUVD-2023-48191
Malicious code in bioql PyPI...
EUVD-2025-16439
Malicious code in bioql PyPI...
EUVD-2021-8008
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-18635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages...
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
...
NewStart CGSL MAIN 7.02 : qemu Multiple Vulnerabilities (NS-SA-2025-0153)
The remote NewStart CGSL host, running version MAIN 7.02, has qemu packages installed that are affected by multiple vulnerabilities: - A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...
CVE-2025-27457
All communication between the VNC server and clients is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data...
CVE-2025-27457 CVE-2025-27457
All communication between the VNC server and clients is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data...
CVE-2025-46352
The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allowing anyone with knowledge of it to gain remote access to the panel. Such access could enable an...
CVE-2025-46352
The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allowing anyone with knowledge of it to gain remote access to the panel. Such access could enable an...
CVE-2025-46352
CVE-2025-46352 affects the Consilium Safety CS5000 Fire Panel. The vulnerability stems from a hard-coded password used by a VNC server bundled with the panel, exposed as a string in the binary and not alterable by users. With network access, an attacker can remotely log in and operate the panel, ...
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...
Unauthorized Network Access
jupyter-remote-desktop-proxy is vulnerable to unauthorized network access. The vulnerability is due to jupyter-remote-desktop-proxy not properly restricting VNC server access to UNIX sockets when using TigerVNC, allowing the server to be accessible over the network...
Azure Linux 3.0 Security Update: qemu (CVE-2023-3255)
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3255 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit conditio...
CBL Mariner 2.0 Security Update: qemu (CVE-2023-3255)
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3255 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit conditio...
CVE-2025-32428
Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still...
CVE-2025-32428 Jupyter Remote Desktop Proxy makes TigerVNC accessible via the network and not just via a UNIX socket as intended
Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still...