Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Simatic Itc1500 Pro Firmware Security Vulnerabilities - 2020

cve
cve

CVE-2017-18922

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.

9.8CVSS

9.2AI Score

0.004EPSS

2020-06-30 11:15 AM
202
cve
cve

CVE-2018-21247

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

7.5CVSS

8.1AI Score

0.002EPSS

2020-06-17 04:15 PM
178
cve
cve

CVE-2019-20788

libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.

9.8CVSS

9.2AI Score

EPSS

2020-04-23 07:15 PM
163
cve
cve

CVE-2019-20839

libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.

7.5CVSS

7.6AI Score

0.017EPSS

2020-06-17 04:15 PM
206
cve
cve

CVE-2019-20840

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.

7.5CVSS

7.2AI Score

0.012EPSS

2020-06-17 04:15 PM
177
cve
cve

CVE-2020-14396

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

7.5CVSS

7.3AI Score

0.002EPSS

2020-06-17 04:15 PM
48
cve
cve

CVE-2020-14397

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

7.5CVSS

7.3AI Score

0.014EPSS

2020-06-17 04:15 PM
192
cve
cve

CVE-2020-14398

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

7.5CVSS

7.3AI Score

0.008EPSS

2020-06-17 04:15 PM
143
cve
cve

CVE-2020-14401

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.

6.5CVSS

6.6AI Score

0.009EPSS

2020-06-17 04:15 PM
177
cve
cve

CVE-2020-14402

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.

5.4CVSS

6.2AI Score

0.001EPSS

2020-06-17 04:15 PM
173
cve
cve

CVE-2020-14403

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.

5.4CVSS

6.1AI Score

0.001EPSS

2020-06-17 04:15 PM
100
cve
cve

CVE-2020-14404

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.

5.4CVSS

6.1AI Score

0.001EPSS

2020-06-17 04:15 PM
99
cve
cve

CVE-2020-14405

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

6.5CVSS

6.7AI Score

0.002EPSS

2020-06-17 04:15 PM
137