Lucene search
K
Libvncserver ProjectLibvncserver*

7 matches found

CVE
CVE
added 2020/06/30 11:0 a.m.297 views

CVE-2017-18922

CVE-2017-18922 : LibVNCServer’s websockets.c (prior to 0.9.12) is affected; multiple advisories report that malformed WebSocket frames can trigger a heap-based buffer overflow. The connected Nessus entries confirm affected packages across various distros (e.g., MiracleLinux, Alibaba Cloud Linux, ...

9.8CVSS9.2AI score0.02259EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.217 views

CVE-2020-14399

CVE-2020-14399 affects LibVNCServer before 0.9.13. The issue is that Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c, enabling potential memory handling problems. Many OpenVAS/Nessus advisories reference this CVE among multiple LibVNCServer issues; the confirmed...

7.5CVSS7.3AI score0.02802EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.212 views

CVE-2020-14401

CVE-2020-14401 affects LibVNCServer up to version 0.9.12; the vulnerability is in libvncserver/scale.c where a pixel_value integer overflow occurs. Connected sources (EulerOS/SUSE/Nessus references) enumerate this CVE among a set of LibVNCServer issues, with the common remediation context implyin...

6.5CVSS6.6AI score0.02432EPSS
CVE
CVE
added 2020/06/17 3:12 p.m.205 views

CVE-2020-14400

CVE-2020-14400 affects LibVNCServer up to version 0.9.12, where Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. Multiple security advisories (e.g., SUSE EulerOS/OpenVAS sources) list this CVE among a set of LibVNCServer issues and indicate fixes in newer relea...

7.5CVSS7.2AI score0.0284EPSS
CVE
CVE
added 2020/02/05 7:35 p.m.97 views

CVE-2010-5304

CVE-2010-5304 is a NULL pointer dereference in LibVNCServer before 0.9.9 when processing certain ClientCutText messages, allowing a remote attacker to crash the VNC server by sending a crafted ClientCutText. Public references in SUSE and Fedora advisories show fixes in later packages (e.g., libvn...

7.5CVSS7.2AI score0.03115EPSS
CVE
CVE
added 2026/03/24 5:30 p.m.97 views

CVE-2026-32853

CVE-2026-32853 affects LibVNCServer versions 0.9.15 and earlier, with a heap out-of-bounds read in the UltraZip encoding handler. The flaw, due to improper bounds checking in HandleUltraZipBPP(), can be triggered by manipulating subrectangle header counts, leading to information disclosure or app...

8.1CVSS5.8AI score0.00437EPSS
CVE
CVE
added 2026/03/24 5:31 p.m.58 views

CVE-2026-32854

LibVNCServer

7.5CVSS5.8AI score0.05322EPSS