7 matches found
CVE-2017-18922
CVE-2017-18922 : LibVNCServer’s websockets.c (prior to 0.9.12) is affected; multiple advisories report that malformed WebSocket frames can trigger a heap-based buffer overflow. The connected Nessus entries confirm affected packages across various distros (e.g., MiracleLinux, Alibaba Cloud Linux, ...
CVE-2020-14399
CVE-2020-14399 affects LibVNCServer before 0.9.13. The issue is that Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c, enabling potential memory handling problems. Many OpenVAS/Nessus advisories reference this CVE among multiple LibVNCServer issues; the confirmed...
CVE-2020-14401
CVE-2020-14401 affects LibVNCServer up to version 0.9.12; the vulnerability is in libvncserver/scale.c where a pixel_value integer overflow occurs. Connected sources (EulerOS/SUSE/Nessus references) enumerate this CVE among a set of LibVNCServer issues, with the common remediation context implyin...
CVE-2020-14400
CVE-2020-14400 affects LibVNCServer up to version 0.9.12, where Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. Multiple security advisories (e.g., SUSE EulerOS/OpenVAS sources) list this CVE among a set of LibVNCServer issues and indicate fixes in newer relea...
CVE-2010-5304
CVE-2010-5304 is a NULL pointer dereference in LibVNCServer before 0.9.9 when processing certain ClientCutText messages, allowing a remote attacker to crash the VNC server by sending a crafted ClientCutText. Public references in SUSE and Fedora advisories show fixes in later packages (e.g., libvn...
CVE-2026-32853
CVE-2026-32853 affects LibVNCServer versions 0.9.15 and earlier, with a heap out-of-bounds read in the UltraZip encoding handler. The flaw, due to improper bounds checking in HandleUltraZipBPP(), can be triggered by manipulating subrectangle header counts, leading to information disclosure or app...
CVE-2026-32854
LibVNCServer