Search CVE reports
11 – 20 of 45 results
CVE-2020-14398
Medium prioritySome fixes available 3 of 27
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
3 affected packages
libvncserver, veyon, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14397
Medium prioritySome fixes available 14 of 38
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
4 affected packages
libvncserver, veyon, vino, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14396
Medium prioritySome fixes available 1 of 24
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
3 affected packages
libvncserver, veyon, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Not affected | Not affected |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20840
Medium prioritySome fixes available 2 of 26
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
3 affected packages
libvncserver, veyon, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20839
Medium prioritySome fixes available 3 of 27
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
3 affected packages
libvncserver, veyon, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-21247
Low priorityAn issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
4 affected packages
libvncserver, veyon, vino, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Not affected | Not affected | Not affected | Not affected | Not affected |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20788
Medium prioritySome fixes available 3 of 16
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
2 affected packages
libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-15690
Medium prioritySome fixes available 4 of 17
heap buffer overflow in libvncclient/cursor.c related to large cursor sizes when connected to a malicious server
2 affected packages
libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| x11vnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-15681
Low prioritySome fixes available 17 of 71
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...
7 affected packages
italc, krfb, libvncserver, tightvnc, veyon...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| krfb | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-15680
Low prioritySome fixes available 5 of 70
TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.
6 affected packages
libvncserver, ssvnc, tightvnc, veyon, vncsnapshot, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| ssvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vncsnapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |