CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2019-20840 – Ubuntu Security Notice USN-4434-1
https://notcve.org/view.php?id=CVE-2019-20840
17 Jun 2020 — An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. La biblioteca libvncserver/ws_decode.c puede conllevar a un bloqueo debido a accesos no alineados en la función hybiReadAndDecode Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted s... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2018-21247 – libvncserver: uninitialized memory contents are vulnerable to Information Leak
https://notcve.org/view.php?id=CVE-2018-21247
17 Jun 2020 — An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. Se presenta una pérdida de memoria en la biblioteca libvncclient/rfbproto.c en la función ConnectToRFBRepeater LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include buffer overflow, denial... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-909: Missing Initialization of Resource •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 1CVE-2019-20788 – libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function
https://notcve.org/view.php?id=CVE-2019-20788
23 Apr 2020 — libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. En la biblioteca libvncclient/cursor.c en LibVNCServer versiones hasta 0.9.12, tiene un desbordamiento de enteros en la función HandleCursorShape y un desbordamiento de búfer en la región heap de la memoria por medio de un valor de alto o ancho grande. A flaw was found in libvncserver in versions through 0.9.12.... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15690 – libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-15690
23 Mar 2020 — LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution. A flaw was found in libvncserver. An integer overflow within the HandleCursorShape() function can be exploited to cause a heap-based buffer overflow by tricking a user or application using libvncserver to connect to an unstrusted server and subsequentl... • https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12 • CWE-122: Heap-based Buffer Overflow •