CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27830
https://notcve.org/view.php?id=CVE-2023-27830
12 Apr 2023 — TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account. • https://medium.com/nestedif/vulnerability-disclosure-privilege-escalation-tightvnc-8165208cce • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42785 – Buffer Overflow in tvnviewer.exe via Crafted Packet in TightVNC Viewer 2.8.59
https://notcve.org/view.php?id=CVE-2021-42785
23 Nov 2021 — Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server. Una vulnerabilidad de desbordamiento del búfer en el archivo tvnviewer.exe de TightVNC Viewer permite a un atacante remoto ejecutar instrucciones arbitrarias por medio de un paquete FramebufferUpdate diseñado desde un servidor VNC • https://www.tightvnc.com/whatsnew.php • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 48%CPEs: 3EXPL: 5CVE-2009-0388 – TightVNC - Authentication Failure Integer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-0388
03 Feb 2009 — Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp. Errores múltiples de signo de entero en (1) UltraVNC v1.0.2 y v1.0.5 y (2) TightVnc v1.3.9 permiten a atacantes remot... • https://packetstorm.news/files/id/74789 • CWE-189: Numeric Errors •