2 results (0.001 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

30 Sep 2022 — RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode. vRealVNC VNC Server versiones anteriores a 6.11.0 y VNC Viewer versiones anteriores a 6.22.826 en Windows, permiten una escalada de privilegios local por medio del modo de reparación del instalador MSI • https://help.realvnc.com/hc/en-us/articles/360002253138-Release-Notes#vnc-server-6-11-0-released-0-2 • CWE-269: Improper Privilege Management •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

17 Sep 2021 — RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of service (application crash) via crafted RFB protocol data. NOTE: It is asserted that this issue requires social engineering a user into connecting to a fake VNC Server. The VNC Viewer application they are using will then hang, until terminated, but no memory leak occurs - the resources are freed once the hung process is terminated and the resource usage is constant during the hang. Only the process that is connected to the fake Server is... • https://gist.github.com/totaam/a90f2bb40f5b693ccec0ae903d021b03 • CWE-20: Improper Input Validation •