Vulnerabilities > Tigervnc
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-13 | CVE-2023-6478 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in xorg-server. | 7.5 |
2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
2020-01-02 | CVE-2014-0011 | Out-of-bounds Write vulnerability in Tigervnc Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. | 9.8 |
2019-12-26 | CVE-2019-15695 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. | 7.2 |
2019-12-26 | CVE-2019-15694 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. | 7.2 |
2019-12-26 | CVE-2019-15693 | Out-of-bounds Write vulnerability in Tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. | 7.2 |
2019-12-26 | CVE-2019-15692 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. | 7.2 |
2019-12-26 | CVE-2019-15691 | Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. | 7.2 |
2017-04-01 | CVE-2017-7396 | Missing Release of Resource after Effective Lifetime vulnerability in Tigervnc 1.7.1 In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. | 7.5 |
2017-04-01 | CVE-2017-7395 | Integer Overflow or Wraparound vulnerability in Tigervnc 1.7.1 In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. | 6.5 |