Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libvncserver
(Libvncserver_project)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 10 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-17 | CVE-2020-14399 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed. | Ubuntu_linux, Debian_linux, Libvncserver, Leap | 7.5 | ||
2020-06-17 | CVE-2020-14400 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary | Ubuntu_linux, Debian_linux, Libvncserver, Leap | 7.5 | ||
2020-06-30 | CVE-2017-18922 | It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. | Ubuntu_linux, Fedora, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware | 9.8 | ||
2020-11-27 | CVE-2020-25708 | A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. | Debian_linux, Libvncserver, Enterprise_linux | 7.5 | ||
2022-09-02 | CVE-2020-29260 | libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). | Debian_linux, Libvncserver | 7.5 | ||
2020-06-17 | CVE-2020-14401 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware | 6.5 |