Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 35 results


CVE-2020-29260

Low priority
Needs evaluation

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Needs evaluation Needs evaluation
libvncserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
vino Not affected Not affected Not affected Not affected Not affected
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-29074

Medium priority
Vulnerable

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.

1 affected packages

x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
x11vnc Not affected Not affected Vulnerable Not affected Not affected
Show less packages

CVE-2020-25708

Medium priority

Some fixes available 14 of 49

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Needs evaluation Needs evaluation
libvncserver Not affected Not affected Fixed Fixed Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2017-18922

Medium priority

Some fixes available 4 of 27

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a...

3 affected packages

libvncserver, veyon, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14405

Medium priority

Some fixes available 3 of 27

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

3 affected packages

libvncserver, veyon, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14404

Medium priority

Some fixes available 14 of 38

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.

4 affected packages

libvncserver, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14403

Medium priority

Some fixes available 14 of 38

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.

4 affected packages

libvncserver, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14402

Medium priority

Some fixes available 14 of 38

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.

4 affected packages

libvncserver, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14401

Medium priority

Some fixes available 3 of 27

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.

3 affected packages

libvncserver, veyon, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-14400

Medium priority

Some fixes available 3 of 18

** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is...

3 affected packages

libvncserver, veyon, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvncserver Not affected Not affected Fixed Fixed Fixed
veyon Not affected Not affected Not affected Not in release Not in release
x11vnc Not affected Not affected Not affected Not affected Not affected
Show less packages