Search CVE reports
1 – 10 of 22 results
CVE-2020-29260
Low prioritylibvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
6 affected packages
italc, libvncserver, tightvnc, veyon, vino, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
| libvncserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| vino | Not affected | Not affected | Not affected | Not affected | Not affected |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-25708
Medium prioritySome fixes available 14 of 49
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...
6 affected packages
italc, libvncserver, tightvnc, veyon, vino, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Fixed | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-15681
Low prioritySome fixes available 17 of 71
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...
7 affected packages
italc, krfb, libvncserver, tightvnc, veyon...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| krfb | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
| vino | Fixed | Fixed | Fixed | Fixed | Fixed |
| x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-20750
Medium prioritySome fixes available 6 of 7
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
3 affected packages
italc, libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | Not affected | Fixed | Fixed |
| x11vnc | — | — | Not affected | Not affected | Not affected |
CVE-2018-20749
Medium prioritySome fixes available 6 of 7
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
3 affected packages
italc, libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | Not affected | Fixed | Fixed |
| x11vnc | — | — | Not affected | Not affected | Not affected |
CVE-2018-20748
Medium prioritySome fixes available 7 of 19
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.
4 affected packages
italc, libvncserver, tightvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2018-20024
Medium prioritySome fixes available 7 of 9
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
4 affected packages
italc, libvncserver, ssvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
| x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2018-20023
Medium prioritySome fixes available 6 of 7
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure....
3 affected packages
italc, libvncserver, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | — | — | Not in release | Fixed | Fixed |
| libvncserver | — | — | Not affected | Fixed | Fixed |
| x11vnc | — | — | Not affected | Not affected | Not affected |
CVE-2018-20022
Medium prioritySome fixes available 8 of 21
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information...
5 affected packages
italc, libvncserver, ssvnc, tightvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2018-20021
Medium prioritySome fixes available 8 of 21
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM
5 affected packages
italc, libvncserver, ssvnc, tightvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| x11vnc | Not affected | Not affected | Not affected | Not affected | Not affected |