Search CVE reports
31 – 40 of 45 results
CVE-2018-20020
Medium prioritySome fixes available 8 of 21
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
5 affected packages
italc, libvncserver, ssvnc, tightvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2018-20019
Medium prioritySome fixes available 6 of 7
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
3 affected packages
italc, libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | Not affected | Fixed | Fixed |
| x11vnc | — | — | Not affected | Not affected | Not affected |
CVE-2018-15127
Medium prioritySome fixes available 6 of 7
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
3 affected packages
italc, libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | Not affected | Fixed | Fixed |
| x11vnc | — | — | Not affected | Not affected | Not affected |
CVE-2018-15126
Medium prioritySome fixes available 4 of 5
LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution
2 affected packages
libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | — | — | — | Fixed | Fixed |
| x11vnc | — | — | — | Not affected | Not affected |
CVE-2018-7225
Medium prioritySome fixes available 27 of 38
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified...
4 affected packages
italc, libvncserver, tightvnc, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Fixed | Fixed | Fixed | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2016-9942
Medium priorityHeap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message...
2 affected packages
italc, libvncserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | — | — | Fixed |
CVE-2016-9941
Medium priorityHeap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate...
2 affected packages
italc, libvncserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Not affected | Fixed |
| libvncserver | — | — | — | — | Fixed |
CVE-2014-6055
Medium prioritySome fixes available 4 of 5
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a...
3 affected packages
italc, krfb, libvncserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Not affected | Fixed |
| krfb | — | — | — | — | — |
| libvncserver | — | — | — | — | — |
CVE-2014-6054
Medium prioritySome fixes available 4 of 5
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling...
3 affected packages
italc, krfb, libvncserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Not affected | Fixed |
| krfb | — | — | — | — | — |
| libvncserver | — | — | — | — | — |
CVE-2014-6053
Medium prioritySome fixes available 16 of 28
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a...
5 affected packages
italc, krfb, libvncserver, tightvnc, vino
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Not affected | Fixed |
| krfb | Not affected | Not affected | Not affected | Not affected | Not affected |
| libvncserver | Not affected | Not affected | Not affected | Not affected | Not affected |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |