Known Vulnerabilities for products from Libvnc Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Libvnc Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14405 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size. | 6.5 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14404 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14403 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14402 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | 5.4 - MEDIUM | 2020-06-17 | 2022-03-09 |
| CVE-2020-14398 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncc... | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2020-14397 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2020-14396 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | 7.5 - HIGH | 2020-06-17 | 2022-03-10 |
| CVE-2019-20840 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned acce... | 7.5 - HIGH | 2020-06-17 | 2023-11-07 |
| CVE-2019-20839 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | 7.5 - HIGH | 2020-06-17 | 2023-11-07 |
| CVE-2019-20788 | libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow ... | 9.8 - CRITICAL | 2020-04-23 | 2022-03-10 |
| CVE-2019-15681 | LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allo... | 7.5 - HIGH | 2019-10-29 | 2022-04-05 |
| CVE-2018-21247 | An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the... | 7.5 - HIGH | 2020-06-17 | 2023-11-07 |
| CVE-2018-20750 | LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-151... | 9.8 - CRITICAL | 2019-01-30 | 2022-03-09 |
| CVE-2018-20749 | LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-1512... | 9.8 - CRITICAL | 2019-01-30 | 2022-03-09 |
| CVE-2018-20748 | LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2... | 9.8 - CRITICAL | 2019-01-30 | 2022-03-09 |
| CVE-2018-20024 | LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can r... | 7.5 - HIGH | 2018-12-19 | 2020-10-23 |
| CVE-2018-20023 | LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeate... | 7.5 - HIGH | 2018-12-19 | 2020-10-23 |
| CVE-2018-20022 | LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerab... | 7.5 - HIGH | 2018-12-19 | 2020-10-23 |
| CVE-2018-20021 | LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client c... | 7.5 - HIGH | 2018-12-19 | 2020-10-23 |
| CVE-2018-20020 | LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure... | 9.8 - CRITICAL | 2018-12-19 | 2020-10-23 |
Known software with vulnerabilities from Libvnc Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libvnc Project | Libvncserver | 0.9.12 |