Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tigervnc
(Tigervnc)| Repositories | https://github.com/TigerVNC/tigervnc |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-13 | CVE-2023-6377 | A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | Debian_linux, Enterprise_linux_eus, Tigervnc, X_server, Xwayland | 7.8 | ||
| 2023-12-13 | CVE-2023-6478 | A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. | Debian_linux, Enterprise_linux_eus, Tigervnc, X_server, Xwayland | 7.5 | ||
| 2024-01-18 | CVE-2024-0408 | A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. | Fedora, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation, Tigervnc, Xorg\-Server, Xwayland | 5.5 | ||
| 2024-01-18 | CVE-2024-0409 | A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. | Fedora, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation, Tigervnc, Xorg\-Server, Xwayland | 7.8 |