High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-17	CVE-2020-14398	Infinite Loop vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-835	7.5
2020-06-17	CVE-2020-14397	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-476	7.5
2020-06-17	CVE-2020-14396	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens CWE-476	7.5
2020-06-17	CVE-2019-20840	Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-787	7.5
2020-06-17	CVE-2019-20839	Classic Buffer Overflow vulnerability in multiple products libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. network low complexity libvnc-project canonical debian siemens opensuse CWE-120	7.5
2020-06-17	CVE-2018-21247	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-909	7.5
2019-10-29	CVE-2019-15681	Improper Initialization vulnerability in multiple products LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. network low complexity libvnc-project canonical debian siemens CWE-665	7.5
2018-12-19	CVE-2018-6307	Use After Free vulnerability in multiple products LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. network high complexity libvnc-project debian canonical CWE-416	8.1
2018-12-19	CVE-2018-20024	NULL Pointer Dereference vulnerability in multiple products LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS. network low complexity libvnc-project debian canonical CWE-476	7.5
2018-12-19	CVE-2018-20023	Improper Initialization vulnerability in multiple products LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. network low complexity libvnc-project debian canonical CWE-665	7.5