Libvnc Project : Security Vulnerabilities, CVEs, (Memory corruption)
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
Max CVSS
5.5
EPSS Score
0.09%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
Max CVSS
5.5
EPSS Score
0.09%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
Max CVSS
5.5
EPSS Score
0.11%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
Max CVSS
7.5
EPSS Score
1.09%
Published
2020-06-17
Updated
2022-03-10
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
Max CVSS
7.5
EPSS Score
0.17%
Published
2020-06-17
Updated
2022-03-10
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
Max CVSS
7.5
EPSS Score
0.97%
Published
2020-06-17
Updated
2022-03-10
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
Max CVSS
9.8
EPSS Score
0.71%
Published
2020-04-23
Updated
2022-03-10
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Max CVSS
9.8
EPSS Score
0.47%
Published
2019-01-30
Updated
2022-03-09
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Max CVSS
9.8
EPSS Score
0.47%
Published
2019-01-30
Updated
2022-03-09
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.
Max CVSS
9.8
EPSS Score
0.49%
Published
2019-01-30
Updated
2022-03-09
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
Max CVSS
7.5
EPSS Score
1.45%
Published
2018-12-19
Updated
2020-10-23
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
Max CVSS
9.8
EPSS Score
21.66%
Published
2018-12-19
Updated
2020-10-23
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
Max CVSS
9.8
EPSS Score
3.26%
Published
2018-12-19
Updated
2022-03-31
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
Max CVSS
9.8
EPSS Score
85.44%
Published
2018-12-19
Updated
2020-10-23
LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution
Max CVSS
9.8
EPSS Score
3.32%
Published
2018-12-19
Updated
2019-10-31
LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.
Max CVSS
8.1
EPSS Score
85.43%
Published
2018-12-19
Updated
2019-10-31
16 vulnerabilities found