Search CVE reports
1 – 10 of 35 results
CVE-2020-29260
Low prioritylibvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
6 affected packages
italc, libvncserver, tightvnc, veyon, vino, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
italc | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
libvncserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
vino | Not affected | Not affected | Not affected | Not affected | Not affected |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-29074
Medium priorityscan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.
1 affected packages
x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
x11vnc | Not affected | Not affected | Vulnerable | Not affected | Not affected |
CVE-2020-25708
Medium prioritySome fixes available 14 of 49
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...
6 affected packages
italc, libvncserver, tightvnc, veyon, vino, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
italc | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Fixed | Fixed | Fixed | Fixed | Fixed |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2017-18922
Medium prioritySome fixes available 4 of 27
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a...
3 affected packages
libvncserver, veyon, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14405
Medium prioritySome fixes available 3 of 27
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
3 affected packages
libvncserver, veyon, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14404
Medium prioritySome fixes available 14 of 38
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
4 affected packages
libvncserver, veyon, vino, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Fixed | Fixed | Fixed | Fixed | Fixed |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14403
Medium prioritySome fixes available 14 of 38
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
4 affected packages
libvncserver, veyon, vino, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Fixed | Fixed | Fixed | Fixed | Fixed |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14402
Medium prioritySome fixes available 14 of 38
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
4 affected packages
libvncserver, veyon, vino, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Fixed | Fixed | Fixed | Fixed | Fixed |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14401
Medium prioritySome fixes available 3 of 27
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
3 affected packages
libvncserver, veyon, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-14400
Medium prioritySome fixes available 3 of 18
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is...
3 affected packages
libvncserver, veyon, x11vnc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
veyon | Not affected | Not affected | Not affected | Not in release | Not in release |
x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |