Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-15691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routin...

7.2CVSS7.3AI score0.04719EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.2 views

SUSE CVE-2014-0011

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

9.8CVSS8AI score0.02494EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.2 views

SUSE CVE-2019-20382

QEMU 4.1.0 has a memory leak in zrlecompressdata in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd...

6.5CVSS7.7AI score0.00866EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/03/21 12:0 a.m.6 views

The vulnerability of the ZRLEDecoder software, which is part of VNC TigerVNC, allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the ZRLEDecoder software, developed for VNC and TigerVNC protocols, relates to operations involving resources after their expiration. Exploiting this vulnerability can allow unauthorized individuals to gain access to confidential data, compromise its integrity, and cause...

7.2CVSS7AI score0.04719EPSS
Exploits1References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.4 views

The vulnerability of the zrle_compress_data function in the software for emulating hardware on various QEMU platforms arises from improper memory release before deleting the last reference. This allows a malicious actor to trigger a service failure.

The vulnerability of the zrlecompressdata function in the software for emulating hardware on various QEMU platforms is related to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...

3.5CVSS6.5AI score0.00866EPSS
Exploits0References14Affected Software6
Amazon
Amazon
added 2020/11/11 12:0 a.m.74 views

Important: qemu

Issue Overview: A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon...

5CVSS7.4AI score0.05447EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/09/29 8:41 p.m.4 views

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

3.5CVSS7.1AI score0.00866EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/29 8:40 p.m.11 views

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

3.5CVSS7.1AI score0.00866EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/03 7:25 a.m.2 views

QEMU: vnc: memory leakage upon disconnect

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

3.5CVSS7.1AI score0.00866EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2020/04/18 12:0 a.m.136 views

tigervnc security update

1.9.0-14 - Bump build version Resolves: bz1819877 Resolves: bz1819879 Resolves: bz1819882 Resolves: bz1819886 Resolves: bz1819884 1.9.0-13 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1819879 - Fix...

7.2CVSS1.7AI score0.04773EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2020/04/01 8:26 a.m.48 views

CVE-2019-20382

A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...

3.5CVSS1.4AI score0.00866EPSS
Exploits0References4
OSV
OSV
added 2020/03/05 7:15 p.m.1 views

DEBIAN-CVE-2019-20382

QEMU 4.1.0 has a memory leak in zrlecompressdata in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd...

3.5CVSS6.2AI score0.00866EPSS
Exploits0References1
OSV
OSV
added 2020/03/05 7:15 p.m.1 views

UBUNTU-CVE-2019-20382

QEMU 4.1.0 has a memory leak in zrlecompressdata in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd...

3.5CVSS6.7AI score0.00866EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/12/10 12:0 a.m.3 views

PT-2020-5305 · Qemu +8 · Qemu +8

Name of the Vulnerable Software and Affected Versions: QEMU version 4.1.0 Description: The issue is related to a memory leak in the zrle compress data function during a VNC disconnect operation due to the misuse of libz. This results in memory allocated in deflateInit2 not being freed in...

7.8CVSS6.3AI score0.04027EPSS
Exploits1References160
Tenable Nessus
Tenable Nessus
added 2014/04/07 12:0 a.m.27 views

Fedora 19 : tigervnc-1.3.0-10.fc19 (2014-4180)

This update fixes CVE-2014-0011, a ZRLE decoding heap-based buffer overflow in vncviewer. This update contains some small fixes for issues that could cause the server or the viewer to crash, and includes a change that makes vncserver create clearer xstartup files. Note that Tenable Network Securi...

9.8CVSS8AI score0.02494EPSS
Exploits1References3
Rows per page
Query Builder