12 matches found
CVE-2020-25708
CVE-2020-25708 affects libvncserver (notably libvncserver-0.9.12). A divide-by-zero condition triggered by a maliciously crafted message processed by a VNC server can cause a denial of service. Various Nessus-derived advisories reference this CVE among a set of LibVNCServer issues; the materials do...
CVE-2017-18922
CVE-2017-18922: LibVNCServer’s websockets.c (prior to 0.9.12) is affected; multiple advisories report that malformed WebSocket frames can trigger a heap-based buffer overflow. The connected Nessus entries confirm affected packages across various distros (e.g., MiracleLinux, Alibaba Cloud Linux, ...
CVE-2020-14401
CVE-2020-14401 affects LibVNCServer up to version 0.9.12; the vulnerability is in libvncserver/scale.c where a pixel_value integer overflow occurs. Connected sources (EulerOS/SUSE/Nessus references) enumerate this CVE among a set of LibVNCServer issues, with the common remediation context implyin...
CVE-2020-14399
CVE-2020-14399 affects LibVNCServer before 0.9.13. The issue is that byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c, enabling potential memory handling problems. Many OpenVAS/Nessus advisories reference this CVE among multiple LibVNCServer issues; the confirmed...
CVE-2020-14400
CVE-2020-14400 affects LibVNCServer up to version 0.9.12, where byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. Multiple security advisories (e.g., SUSE EulerOS/OpenVAS sources) list this CVE among a set of LibVNCServer issues and indicate fixes in newer relea...
CVE-2018-7225
CVE-2018-7225 in LibVNCServer: rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, allowing access to uninitialized and potentially sensitive data via crafted VNC packets. This affects LibVNCServer up to version 0.9.11. Multiple downstream advisories document fixes i...
CVE-2016-9942
CVE-2016-9942 is a heap-based buffer overflow in LibVNCServer/LibVNCClient (ultra.c) that can be triggered by a crafted FramebufferUpdate with the Ultra tile, allowing remote servers to crash the client or potentially execute arbitrary code when the LZO payload length exceeds the tile dimensions....
CVE-2016-9941
LibVNCServer/LibVNCClient (LibVNCServer) contains heap-based buffer overflow vulnerabilities: CVE-2016-9941 in rfbproto.c and CVE-2016-9942 in ultra.c, exploitable via crafted FramebufferUpdate messages. These allow denial of service and potentially remote code execution on affected clients/serve...
CVE-2020-29260
CVE-2020-29260 affects libvncserver/libvncclient v0.9.13, with a memory leak in rfbClientCleanup() causing resource retention and potential memory exhaustion. The vulnerability is labeled with CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH, network attack, no privileges, no user in...
CVE-2010-5304
CVE-2010-5304 is a NULL pointer dereference in LibVNCServer before 0.9.9 when processing certain ClientCutText messages, allowing a remote attacker to crash the VNC server by sending a crafted ClientCutText. Public references in SUSE and Fedora advisories show fixes in later packages (e.g., libvn...
CVE-2026-32854
LibVNCServer versions
CVE-2026-32853
LibVNCServer CVE-2026-32853 affects versions