Vulnerabilities > Libvnc Project > Libvncserver > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-17 | CVE-2020-14398 | Infinite Loop vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-06-17 | CVE-2020-14397 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-06-17 | CVE-2020-14396 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-06-17 | CVE-2019-20840 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-06-17 | CVE-2019-20839 | Classic Buffer Overflow vulnerability in multiple products libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. | 7.5 |
| 2020-06-17 | CVE-2018-21247 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2019-10-29 | CVE-2019-15681 | Improper Initialization vulnerability in multiple products LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. | 7.5 |
| 2018-12-19 | CVE-2018-6307 | Use After Free vulnerability in multiple products LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. | 8.1 |
| 2018-12-19 | CVE-2018-20024 | NULL Pointer Dereference vulnerability in multiple products LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS. | 7.5 |
| 2018-12-19 | CVE-2018-20023 | Improper Initialization vulnerability in multiple products LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. | 7.5 |