Known Vulnerabilities for Libvncserver by Libvnc Project
Listed below are 10 of the newest known vulnerabilities associated with "Libvncserver" by "Libvnc Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32854 json | LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTT... | Not Provided | 2026-03-24 | 2026-07-14 |
| CVE-2026-32853 json | LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the Ultr... | Not Provided | 2026-03-24 | 2026-07-14 |
| CVE-2020-14405 json | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size. | 6.5 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14404 json | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14403 json | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14402 json | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14398 json | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncc... | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2020-14397 json | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2020-14396 json | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2019-20840 json | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned acce... | 7.5 - HIGH | 2020-06-17 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Libvnc Project | Libvncserver | 0.9.12 |