Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2019-15681

Low priority

Some fixes available 17 of 71

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...

7 affected packages

italc, krfb, libvncserver, tightvnc, veyon...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
krfb Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libvncserver Not affected Not affected Not affected Fixed Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2014-6055

Medium priority

Some fixes available 4 of 5

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a...

3 affected packages

italc, krfb, libvncserver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not affected Fixed
krfb
libvncserver
Show less packages

CVE-2014-6054

Medium priority

Some fixes available 4 of 5

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling...

3 affected packages

italc, krfb, libvncserver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not affected Fixed
krfb
libvncserver
Show less packages

CVE-2014-6053

Medium priority

Some fixes available 16 of 28

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a...

5 affected packages

italc, krfb, libvncserver, tightvnc, vino

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Not affected Fixed
krfb Not affected Not affected Not affected Not affected Not affected
libvncserver Not affected Not affected Not affected Not affected Not affected
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vino Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2014-6052

Medium priority

Some fixes available 4 of 5

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or...

3 affected packages

italc, krfb, libvncserver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Fixed Fixed
krfb
libvncserver
Show less packages

CVE-2014-6051

Medium priority

Some fixes available 4 of 5

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a...

3 affected packages

italc, krfb, libvncserver

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Fixed Fixed
krfb
libvncserver
Show less packages

CVE-2014-4607

Medium priority

Some fixes available 39 of 41

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.

5 affected packages

grub2, grub2-signed, grub2-unsigned, krfb, lzo2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grub2 Fixed Fixed Fixed Not affected Not affected
grub2-signed Not affected Not affected Fixed Not affected Not affected
grub2-unsigned Not affected Not affected Fixed Not affected Not affected
krfb Fixed Fixed Fixed Fixed Fixed
lzo2 Fixed Fixed Fixed Fixed Fixed
Show less packages