Search CVE reports
11 – 19 of 19 results
CVE-2019-15678
Medium prioritySome fixes available 1 of 117
TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.
11 affected packages
bochs, directvnc, libvncserver, ssvnc, tightvnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| directvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Not affected | Not affected | Not affected |
| ssvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Not affected | Not affected | Not affected | Not affected | Not affected |
| vlc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vncsnapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x2vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-7225
Medium prioritySome fixes available 27 of 38
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified...
4 affected packages
italc, libvncserver, tightvnc, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Fixed | Fixed | Fixed | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2014-6053
Medium prioritySome fixes available 16 of 28
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a...
5 affected packages
italc, krfb, libvncserver, tightvnc, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Not affected | Fixed |
| krfb | Not affected | Not affected | Not affected | Not affected | Not affected |
| libvncserver | Not affected | Not affected | Not affected | Not affected | Not affected |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2013-5745
Medium prioritySome fixes available 3 of 4
The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close...
1 affected packages
vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vino | — | — | — | — | — |
CVE-2011-1165
Low priorityVino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to...
1 affected packages
vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vino | — | — | — | — | — |
CVE-2011-1164
Low priorityVino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.
1 affected packages
vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vino | — | — | — | — | — |
CVE-2012-4429
Medium prioritySome fixes available 4 of 6
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
1 affected packages
vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vino | — | — | — | — | — |
CVE-2011-0905
Medium prioritySome fixes available 4 of 11
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows...
3 affected packages
kdenetwork, libvncserver, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kdenetwork | — | — | — | — | — |
| libvncserver | — | — | — | — | — |
| vino | — | — | — | — | — |
CVE-2011-0904
Medium prioritySome fixes available 4 of 11
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows...
3 affected packages
kdenetwork, libvncserver, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kdenetwork | — | — | — | — | — |
| libvncserver | — | — | — | — | — |
| vino | — | — | — | — | — |