cbcvebase.

Uvnc Ultravnc vulnerabilities

27 known vulnerabilities affecting uvnc/ultravnc.

Total CVEs
27
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL15HIGH10MEDIUM2

Vulnerabilities

Page 2 of 2
CVE-2019-8270P3HIGHCVSS 7.5fixed in 1.2.2.32019-03-08
CVE-2019-8270 [HIGH] CWE-125 CVE-2019-8270: UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211.
nvd
CVE-2019-8267P3HIGHCVSS 7.5fixed in 1.2.2.32019-03-08
CVE-2019-8267 [HIGH] CWE-125 CVE-2019-8267: UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat modul UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.
nvd
CVE-2026-4962P3HIGHCVSS 7.0≥ 1.6.0.0, ≤ 1.6.4.0v1.6.0+4 more2026-03-27
CVE-2026-4962 [HIGH] CWE-426 CVE-2026-4962: A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknow A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by high complexity. The exploitation is known to be difficul
nvd
CVE-2026-3787P4HIGHCVSS 7.0v1.6.4.02026-03-08
CVE-2026-3787 [HIGH] CWE-426 CVE-2026-3787: A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in t A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor w
nvd
CVE-2019-8263P4MEDIUMCVSS 6.5fixed in 1.2.2.32019-03-05
CVE-2019-8263 [MEDIUM] CWE-121 CVE-2019-8263: UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowC UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206.
nvd
CVE-2020-37133P4HIGHCVSS 7.5≤ 1.2.4.02026-02-05
CVE-2020-37133 [HIGH] CWE-121 CVE-2020-37133: UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configurat UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.
nvd
CVE-2020-37132P4MEDIUMCVSS 5.5≤ 1.2.4.02026-02-05
CVE-2020-37132 [MEDIUM] CWE-121 CVE-2020-37132: UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration p UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launcher functionality.
nvd
Uvnc Ultravnc vulnerabilities | cvebase