Search CVE reports

11 – 20 of 20 results

Detailed view

Sort by:

CVE-2020-14398

Medium priority

Some fixes available 3 of 24

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

3 affected packages

libvncserver, veyon, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2020-14397

Medium priority

Some fixes available 15 of 36

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

4 affected packages

libvncserver, veyon, vino, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Fixed	Fixed	Fixed	Fixed	Fixed
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2020-14396

Medium priority

Some fixes available 1 of 21

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

3 affected packages

libvncserver, veyon, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Not affected	Not affected
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2019-20840

Medium priority

Some fixes available 2 of 23

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.

3 affected packages

libvncserver, veyon, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Not affected	Fixed	Fixed
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2019-20839

Medium priority

Some fixes available 3 of 24

libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.

3 affected packages

libvncserver, veyon, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2018-21247

Low priority

Needs evaluation

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

4 affected packages

libvncserver, veyon, vino, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Not affected	Not affected	Not affected	Not affected	Not affected
x11vnc	Not affected	Not affected	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-15681

Low priority

Some fixes available 18 of 71

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...

7 affected packages

italc, krfb, libvncserver, tightvnc, veyon...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
italc	Not in release	Not in release	Not in release	Fixed	Fixed
krfb	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Not affected	Fixed	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Fixed	Fixed	Fixed	Fixed	Fixed
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2019-15680

Low priority

Some fixes available 5 of 70

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

6 affected packages

libvncserver, ssvnc, tightvnc, veyon, vncsnapshot, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Fixed	Fixed	Fixed
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected

CVE-2019-15679

Medium priority

Some fixes available 1 of 79

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

7 affected packages

libvncserver, ssvnc, tightvnc, veyon, vncsnapshot...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libvncserver	Not affected	Not affected	Not affected	Not affected	Not affected
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected
x2vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-15678

Medium priority

Some fixes available 1 of 115

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

11 affected packages

bochs, directvnc, libvncserver, ssvnc, tightvnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
directvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Not affected	Not affected	Not affected
ssvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release
vino	Not affected	Not affected	Not affected	Not affected	Not affected
vlc	Not affected	Not affected	Not affected	Not affected	Not affected
vncsnapshot	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
x11vnc	Not affected	Not affected	Needs evaluation	Not affected	Not affected
x2vnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page: