Known Vulnerabilities for products from Tigervnc
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Tigervnc".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34352 | Not Provided | 2026-03-26 | 2026-03-27 | |
| CVE-2020-26117 | In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. Th... | 8.1 - HIGH | 2020-09-27 | 2022-11-16 |
| CVE-2019-15695 | TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCur... | 7.2 - HIGH | 2019-12-26 | 2020-10-16 |
| CVE-2019-15694 | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRe... | 7.2 - HIGH | 2019-12-26 | 2020-10-16 |
| CVE-2019-15693 | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploit... | 7.2 - HIGH | 2019-12-26 | 2023-01-20 |
| CVE-2019-15692 | TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder... | 7.2 - HIGH | 2019-12-26 | 2022-12-22 |
| CVE-2019-15691 | TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory... | 7.2 - HIGH | 2019-12-26 | 2022-11-09 |
| CVE-2017-7396 | In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the ... | 7.5 - HIGH | 2017-04-01 | 2019-10-03 |
| CVE-2017-7395 | In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can... | 6.5 - MEDIUM | 2017-04-01 | 2018-01-13 |
| CVE-2017-7394 | In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long... | 7.5 - HIGH | 2017-04-01 | 2018-01-13 |
| CVE-2017-7393 | In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to... | 8.8 - HIGH | 2017-04-01 | 2018-01-13 |
| CVE-2017-7392 | In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small m... | 7.5 - HIGH | 2017-04-01 | 2019-10-03 |
| CVE-2017-5581 | Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arb... | 9.8 - CRITICAL | 2017-02-28 | 2018-01-05 |
| CVE-2016-10207 | The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by termina... | 7.5 - HIGH | 2017-02-28 | 2018-02-01 |
| CVE-2014-8241 | XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure t... | 9.8 - CRITICAL | 2016-12-14 | 2016-12-20 |
| CVE-2014-8240 | Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary co... | 7.5 - HIGH | 2014-10-16 | 2017-09-08 |
| CVE-2014-0011 | Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when ND... | 9.8 - CRITICAL | 2020-01-02 | 2020-01-14 |
| CVE-2011-1775 | The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not... | 5.8 - MEDIUM | 2011-05-26 | 2023-02-13 |
Known software with vulnerabilities from Tigervnc
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Tigervnc | Tigervnc | - |