Lucene search
K
Libvncserver ProjectLibvncserver

12 matches found

CVE
CVE
added 2020/11/27 5:41 p.m.296 views

CVE-2020-25708

CVE-2020-25708 affects libvncserver (notably libvncserver-0.9.12). A divide-by-zero condition triggered by a malicious crafted message processed by a VNC server can cause a denial of service. Various Nessus-derived advisories reference this CVE among a set of LibVNCServer issues; the materials do...

7.5CVSS7.1AI score0.01613EPSS
CVE
CVE
added 2020/06/30 11:0 a.m.292 views

CVE-2017-18922

CVE-2017-18922 : LibVNCServer’s websockets.c (prior to 0.9.12) is affected; multiple advisories report that malformed WebSocket frames can trigger a heap-based buffer overflow. The connected Nessus entries confirm affected packages across various distros (e.g., MiracleLinux, Alibaba Cloud Linux, ...

9.8CVSS9.2AI score0.02259EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.217 views

CVE-2020-14399

CVE-2020-14399 affects LibVNCServer before 0.9.13. The issue is that Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c, enabling potential memory handling problems. Many OpenVAS/Nessus advisories reference this CVE among multiple LibVNCServer issues; the confirmed...

7.5CVSS7.3AI score0.02802EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.212 views

CVE-2020-14401

CVE-2020-14401 affects LibVNCServer up to version 0.9.12; the vulnerability is in libvncserver/scale.c where a pixel_value integer overflow occurs. Connected sources (EulerOS/SUSE/Nessus references) enumerate this CVE among a set of LibVNCServer issues, with the common remediation context implyin...

6.5CVSS6.6AI score0.02432EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.205 views

CVE-2020-14400

CVE-2020-14400 affects LibVNCServer up to version 0.9.12, where Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. Multiple security advisories (e.g., SUSE EulerOS/OpenVAS sources) list this CVE among a set of LibVNCServer issues and indicate fixes in newer relea...

7.5CVSS7.2AI score0.0284EPSS
CVE
CVE
added 2018/02/19 3:0 p.m.181 views

CVE-2018-7225

CVE-2018-7225 in LibVNCServer : rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, allowing access to uninitialized and potentially sensitive data via crafted VNC packets. This affects LibVNCServer up to version 0.9.11. Multiple downstream advisories document fixes i...

9.8CVSS8.7AI score0.06222EPSS
CVE
CVE
added 2016/12/31 6:0 p.m.158 views

CVE-2016-9942

CVE-2016-9942 is a heap-based buffer overflow in LibVNCServer/LibVNCClient (ultra.c) that can be triggered by a crafted FramebufferUpdate with the Ultra tile, allowing remote servers to crash the client or potentially execute arbitrary code when the LZO payload length exceeds the tile dimensions....

9.8CVSS9.8AI score0.03748EPSS
CVE
CVE
added 2016/12/31 6:0 p.m.116 views

CVE-2016-9941

LibVNCServer/LibVNCClient (LibVNCServer) contains heap-based buffer overflow vulnerabilities: CVE-2016-9941 in rfbproto.c and CVE-2016-9942 in ultra.c, exploitable via crafted FramebufferUpdate messages. These allow denial of service and potentially remote code execution on affected clients/serve...

9.8CVSS9.7AI score0.03732EPSS
CVE
CVE
added 2022/09/02 10:14 p.m.113 views

CVE-2020-29260

CVE-2020-29260 affects libvncserver/libvncclient v0.9.13, with a memory leak in rfbClientCleanup() causing resource retention and potential memory exhaustion. The vulnerability is labeled with CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH, network attack, no privileges, no user in...

7.5CVSS7.2AI score0.00947EPSS
CVE
CVE
added 2020/02/05 7:35 p.m.97 views

CVE-2010-5304

CVE-2010-5304 is a NULL pointer dereference in LibVNCServer before 0.9.9 when processing certain ClientCutText messages, allowing a remote attacker to crash the VNC server by sending a crafted ClientCutText. Public references in SUSE and Fedora advisories show fixes in later packages (e.g., libvn...

7.5CVSS7.2AI score0.03115EPSS
CVE
CVE
added 2026/03/24 5:30 p.m.85 views

CVE-2026-32853

CVE-2026-32853 affects LibVNCServer versions 0.9.15 and earlier, with a heap out-of-bounds read in the UltraZip encoding handler. The flaw, due to improper bounds checking in HandleUltraZipBPP(), can be triggered by manipulating subrectangle header counts, leading to information disclosure or app...

8.1CVSS5.8AI score0.00437EPSS
CVE
CVE
added 2026/03/24 5:31 p.m.47 views

CVE-2026-32854

LibVNCServer

7.5CVSS5.8AI score0.05322EPSS