Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Guacamole Security Vulnerabilities - 2023

cve
cve

CVE-2023-30575

Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data.

7.5CVSS

7.4AI Score

0.002EPSS

2023-06-07 09:15 AM
27
cve
cve

CVE-2023-30576

Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process.

8.1CVSS

8.3AI Score

0.005EPSS

2023-06-07 09:15 AM
29
cve
cve

CVE-2023-43826

Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be execu...

8.8CVSS

8.8AI Score

0.002EPSS

2023-12-19 08:15 PM
25