Search CVE reports

1 – 10 of 17 results

Detailed view

Sort by:

CVE-2024-42049

Medium priority

Not affected

TightVNC (Server for Windows) before 2.8.84 allows attackers to connect to the control pipe via a network connection.

1 affected package

tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tightvnc	Not affected	Not affected	Not affected	Not affected	Not affected

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the...

1 affected package

tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tightvnc	—	Not affected	Not affected	Not affected	Not affected

CVE-2020-29260

Low priority

Needs evaluation

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
italc	—	Not in release	Not in release	Needs evaluation	Needs evaluation
libvncserver	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Ignored
vino	Not affected	Not affected	Not affected	Not affected	Not affected
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-42785

Medium priority

Vulnerable

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server.

1 affected package

tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tightvnc	Not affected	Not affected	Not affected	Not affected	Vulnerable

CVE-2020-25708

Medium priority

Some fixes available 15 of 53

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
italc	Not in release	Not in release	Not in release	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Fixed	Fixed	Fixed	Fixed	Fixed
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-8287

Medium priority

Some fixes available 1 of 15

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

1 affected package

tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
tightvnc	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2019-15681

Low priority

Some fixes available 18 of 76

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...

7 affected packages

italc, krfb, libvncserver, tightvnc, veyon...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
italc	Not in release	Not in release	Not in release	Fixed	Fixed
krfb	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Not affected	Fixed	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Fixed	Fixed	Fixed	Fixed	Fixed
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-15680

Low priority

Some fixes available 5 of 75

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

6 affected packages

libvncserver, ssvnc, tightvnc, veyon, vncsnapshot, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-15679

Medium priority

Some fixes available 1 of 84

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

7 affected packages

libvncserver, ssvnc, tightvnc, veyon, vncsnapshot...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Not affected	Not affected	Not affected
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x2vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-15678

Medium priority

Some fixes available 1 of 126

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

11 affected packages

bochs, directvnc, libvncserver, ssvnc, tightvnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
directvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Not affected	Not affected	Not affected
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Not affected	Not affected	Not affected	Not affected	Not affected
vlc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x2vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page: