CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2012-2980
https://notcve.org/view.php?id=CVE-2012-2980
21 Aug 2012 — The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. El método de implementación onTouchEvent en Samsumg y HTC para Android en ... • http://www.htc.com/www/help/app-security-fix • CWE-255: Credentials Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2002-1511
https://notcve.org/view.php?id=CVE-2002-1511
03 Mar 2003 — The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. • http://changelogs.credativ.org/debian/pool/main/v/vnc/vnc_3.3.6-3/changelog •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2002-0971
https://notcve.org/view.php?id=CVE-2002-0971
23 Aug 2002 — Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box. Vulnerabilidad en VNC, TightVNC, y TridiaVNC permite a usuarios locales ejecutar código arbitrario como LocalSystem usando el sistema de mensajes de Win32 para evitar el GUI (Interfaz Gráfico de Úsuario) y acceder al cuadro de diálogo "Añadir nuevos clientes" • http://marc.info/?l=bugtraq&m=102994289123085&w=2 •
CVSS: 9.8EPSS: 59%CPEs: 1EXPL: 1CVE-2001-0167 – RealVNC 3.3.7 - Client Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0167
09 Mar 2001 — Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. • https://www.exploit-db.com/exploits/16489 •
CVSS: 10.0EPSS: 67%CPEs: 1EXPL: 1CVE-2001-0168 – WinVNC Web Server 3.3.3r7 - GET Overflow
https://notcve.org/view.php?id=CVE-2001-0168
09 Mar 2001 — Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. • https://www.exploit-db.com/exploits/16491 •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2001-1422
https://notcve.org/view.php?id=CVE-2001-1422
23 Jan 2001 — WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. • http://www.kb.cert.org/vuls/id/303080 •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2000-1164
https://notcve.org/view.php?id=CVE-2000-1164
09 Jan 2001 — WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0253.html •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-1999-1059
https://notcve.org/view.php?id=CVE-1999-1059
25 Feb 1992 — Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. • http://www.cert.org/advisories/CA-1992-04.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1034
https://notcve.org/view.php?id=CVE-1999-1034
23 May 1991 — Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. • http://www.cert.org/advisories/CA-1991-08.html •