Vulnerabilities > Libvncserver Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-02 | CVE-2020-29260 | Resource Exhaustion vulnerability in multiple products libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). | 7.5 |
| 2020-11-27 | CVE-2020-25708 | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
| 2020-06-30 | CVE-2017-18922 | Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical | 9.8 |
| 2020-06-17 | CVE-2020-14401 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 6.5 |
| 2020-06-17 | CVE-2020-14400 | An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-06-17 | CVE-2020-14399 | An issue was discovered in LibVNCServer before 0.9.13. | 7.5 |
| 2020-02-05 | CVE-2010-5304 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. | 7.5 |
| 2018-02-19 | CVE-2018-7225 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer through 0.9.11. | 9.8 |
| 2016-12-31 | CVE-2016-9942 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libvncserver Project Libvncserver 0.9.10 Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions. | 9.8 |
| 2016-12-31 | CVE-2016-9941 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libvncserver Project Libvncserver Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area. | 9.8 |