Vulnerabilities > Tigervnc > Tigervnc > 1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-0408 | A flaw was found in the X.Org server. | 5.5 |
| 2024-01-18 | CVE-2024-0409 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. | 7.8 |
| 2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
| 2020-01-02 | CVE-2014-0011 | Out-of-bounds Write vulnerability in Tigervnc Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. | 9.8 |
| 2019-12-26 | CVE-2019-15695 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. | 7.2 |
| 2019-12-26 | CVE-2019-15694 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. | 7.2 |
| 2019-12-26 | CVE-2019-15693 | Out-of-bounds Write vulnerability in Tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. | 7.2 |
| 2019-12-26 | CVE-2019-15692 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. | 7.2 |
| 2019-12-26 | CVE-2019-15691 | Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. | 7.2 |
| 2017-02-28 | CVE-2017-5581 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tigervnc Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries. | 9.8 |