CVE search results

21 – 30 of 45 results

Detailed view

Sort by:

CVE-2018-7225

Medium priority

Some fixes available 31 of 44

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified...

4 affected packages

libvncserver, vino, italc, tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libvncserver	Fixed	Fixed	Fixed	Fixed
vino	Fixed	Fixed	Fixed	Fixed
italc	Not in release	Not in release	Not in release	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-6307

Medium priority

Some fixes available 4 of 5

LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

2 affected packages

libvncserver, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libvncserver	—	—	—	Fixed
x11vnc	—	—	—	Not affected

CVE-2018-21247

Low priority

Needs evaluation

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

4 affected packages

x11vnc, libvncserver, vino, veyon

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
x11vnc	Not affected	Not affected	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Needs evaluation	Needs evaluation
vino	Not affected	Not affected	Not affected	Not affected
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release

CVE-2018-20750

Medium priority

Some fixes available 6 of 7

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

3 affected packages

italc, libvncserver, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	—	—	Not in release	Fixed
libvncserver	—	—	Not affected	Fixed
x11vnc	—	—	Not affected	Not affected

CVE-2018-20749

Medium priority

Some fixes available 6 of 7

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

3 affected packages

italc, libvncserver, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	—	—	Not in release	Fixed
libvncserver	—	—	Not affected	Fixed
x11vnc	—	—	Not affected	Not affected

CVE-2018-20748

Medium priority

Some fixes available 7 of 21

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

4 affected packages

libvncserver, x11vnc, italc, tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libvncserver	Not affected	Not affected	Not affected	Fixed
x11vnc	Not affected	Not affected	Not affected	Not affected
italc	Not in release	Not in release	Not in release	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-20024

Medium priority

Some fixes available 7 of 9

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.

4 affected packages

italc, ssvnc, libvncserver, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	Not in release	Not in release	Not in release	Fixed
ssvnc	Not affected	Not affected	Not affected	Vulnerable
libvncserver	Not affected	Not affected	Not affected	Fixed
x11vnc	Not affected	Not affected	Not affected	Not affected

CVE-2018-20023

Medium priority

Some fixes available 6 of 7

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure....

3 affected packages

italc, libvncserver, x11vnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	—	—	Not in release	Fixed
libvncserver	—	—	Not affected	Fixed
x11vnc	—	—	Not affected	Not affected

CVE-2018-20022

Medium priority

Some fixes available 8 of 23

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information...

5 affected packages

italc, ssvnc, libvncserver, x11vnc, tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	Not in release	Not in release	Not in release	Fixed
ssvnc	Not affected	Not affected	Not affected	Vulnerable
libvncserver	Not affected	Not affected	Not affected	Fixed
x11vnc	Not affected	Not affected	Not affected	Not affected
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-20021

Medium priority

Some fixes available 8 of 23

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

5 affected packages

italc, ssvnc, libvncserver, x11vnc, tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	Not in release	Not in release	Not in release	Fixed
ssvnc	Not affected	Not affected	Not affected	Vulnerable
libvncserver	Not affected	Not affected	Not affected	Fixed
x11vnc	Not affected	Not affected	Not affected	Not affected
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page:

Search CVE reports