High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-18	CVE-2024-0409	Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. local low complexity x-org tigervnc redhat fedoraproject CWE-787	7.8
2023-12-13	CVE-2023-6377	Out-of-bounds Read vulnerability in multiple products A flaw was found in xorg-server. local low complexity redhat debian x-org tigervnc CWE-125	7.8
2023-12-13	CVE-2023-6478	Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in xorg-server. network low complexity x-org redhat debian tigervnc CWE-190	7.5
2020-09-27	CVE-2020-26117	Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. network low complexity tigervnc debian opensuse CWE-295	8.1
2020-01-02	CVE-2014-0011	Out-of-bounds Write vulnerability in Tigervnc Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. network low complexity tigervnc CWE-787	7.5
2019-12-26	CVE-2019-15693	Out-of-bounds Write vulnerability in Tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. network low complexity tigervnc CWE-787	7.2
2019-12-26	CVE-2019-15692	Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. network low complexity tigervnc opensuse CWE-787	7.2
2019-12-26	CVE-2019-15691	Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. network low complexity tigervnc opensuse CWE-672	7.2
2016-12-14	CVE-2014-8241	NULL Pointer Dereference vulnerability in multiple products XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052. network low complexity tigervnc redhat CWE-476	7.5
2014-10-16	CVE-2014-8240	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tigervnc Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051. network low complexity tigervnc CWE-119	7.5