CVE search results

11 – 19 of 19 results

Detailed view

Sort by:

CVE-2018-7225

Medium priority

Some fixes available 31 of 44

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified...

4 affected packages

italc, libvncserver, tightvnc, vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	Not in release	Not in release	Not in release	Fixed
libvncserver	Fixed	Fixed	Fixed	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vino	Fixed	Fixed	Fixed	Fixed

CVE-2018-21247

Low priority

Needs evaluation

An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

4 affected packages

vino, veyon, x11vnc, libvncserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vino	Not affected	Not affected	Not affected	Not affected
veyon	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
x11vnc	Not affected	Not affected	Needs evaluation	Needs evaluation
libvncserver	Not affected	Not affected	Needs evaluation	Needs evaluation

CVE-2014-6053

Medium priority

Some fixes available 18 of 32

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a...

5 affected packages

italc, krfb, libvncserver, vino, tightvnc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
italc	Not in release	Not in release	Not in release	Not affected
krfb	Not affected	Not affected	Not affected	Not affected
libvncserver	Not affected	Not affected	Not affected	Not affected
vino	Fixed	Fixed	Fixed	Fixed
tightvnc	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2013-5745

Medium priority

Some fixes available 3 of 4

The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close...

1 affected package

vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vino	—	—	—	—

CVE-2012-4429

Medium priority

Some fixes available 4 of 6

Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.

1 affected package

vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vino	—	—	—	—

CVE-2011-1165

Low priority

Ignored

Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to...

1 affected package

vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vino	—	—	—	—

CVE-2011-1164

Low priority

Ignored

Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.

1 affected package

vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vino	—	—	—	—

CVE-2011-0905

Medium priority

Some fixes available 4 of 11

The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows...

3 affected packages

kdenetwork, libvncserver, vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kdenetwork	—	—	—	—
libvncserver	—	—	—	—
vino	—	—	—	—

CVE-2011-0904

Medium priority

Some fixes available 4 of 11

3 affected packages

kdenetwork, libvncserver, vino

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kdenetwork	—	—	—	—
libvncserver	—	—	—	—
vino	—	—	—	—

Export to JSON

Results by page:

Search CVE reports