Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libvncserver Project Subscribe
Filtered by product Libvncserver
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14399 4 Canonical, Debian, Libvncserver Project and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed."
CVE-2020-14400 4 Canonical, Debian, Libvncserver Project and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary.
CVE-2020-29260 2 Debian, Libvncserver Project 2 Debian Linux, Libvncserver 2022-10-05 N/A 7.5 HIGH
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
CVE-2020-25708 2 Libvncserver Project, Redhat 2 Libvncserver, Enterprise Linux 2022-09-29 5.0 MEDIUM 7.5 HIGH
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
CVE-2017-18922 5 Canonical, Fedoraproject, Libvncserver Project and 2 more 16 Ubuntu Linux, Fedora, Libvncserver and 13 more 2022-04-01 7.5 HIGH 9.8 CRITICAL
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
CVE-2020-14401 4 Debian, Libvncserver Project, Opensuse and 1 more 15 Debian Linux, Libvncserver, Leap and 12 more 2022-03-09 6.4 MEDIUM 6.5 MEDIUM
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
CVE-2016-9942 1 Libvncserver Project 1 Libvncserver 2020-10-23 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions.
CVE-2016-9941 1 Libvncserver Project 1 Libvncserver 2020-10-23 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area.
CVE-2018-7225 4 Canonical, Debian, Libvncserver Project and 1 more 9 Ubuntu Linux, Debian Linux, Libvncserver and 6 more 2020-10-23 7.5 HIGH 9.8 CRITICAL
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
CVE-2010-5304 2 Fedoraproject, Libvncserver Project 2 Fedora, Libvncserver 2020-02-07 5.0 MEDIUM 7.5 HIGH
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.