Vulnerabilities > Tigervnc > Tigervnc > 1.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-0408 | A flaw was found in the X.Org server. | 5.5 |
| 2024-01-18 | CVE-2024-0409 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the X.Org server. | 7.8 |
| 2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
| 2019-12-26 | CVE-2019-15695 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. | 6.5 |
| 2019-12-26 | CVE-2019-15694 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. | 6.5 |
| 2019-12-26 | CVE-2019-15693 | Out-of-bounds Write vulnerability in Tigervnc TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. | 7.2 |
| 2019-12-26 | CVE-2019-15692 | Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. | 7.2 |
| 2019-12-26 | CVE-2019-15691 | Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. | 7.2 |
| 2017-02-28 | CVE-2017-5581 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tigervnc Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries. | 6.8 |
| 2017-02-28 | CVE-2016-10207 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early. | 5.0 |