cbcvebase.

Libvncserver Project Libvncserver vulnerabilities

44 known vulnerabilities affecting libvncserver_project/libvncserver.

Total CVEs
44
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH24MEDIUM8

Vulnerabilities

Page 3 of 3
CVE-2014-6053P4MEDIUMCVSS 5.0≥ 0, < 0.9.9+dfsg-6.12014-12-15
CVE-2014-6053 [MEDIUM] CVE-2014-6053: The rfbProcessClientNormalMessage function in libvncserver/rfbserver The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
osv
CVE-2020-14403P4MEDIUMCVSS 5.4≥ 0, < 0.9.13+dfsg-12020-06-17
CVE-2020-14403 [MEDIUM] CVE-2020-14403: An issue was discovered in LibVNCServer before 0 An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
osv
CVE-2020-14404P4MEDIUMCVSS 5.4≥ 0, < 0.9.13+dfsg-12020-06-17
CVE-2020-14404 [MEDIUM] CVE-2020-14404: An issue was discovered in LibVNCServer before 0 An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
osv
CVE-2014-6054P4MEDIUMCVSS 4.3≥ 0, < 0.9.9+dfsg-6.12014-10-06
CVE-2014-6054 [MEDIUM] CVE-2014-6054: The rfbProcessClientNormalMessage function in libvncserver/rfbserver The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
osv
Libvncserver Project Libvncserver vulnerabilities | cvebase