Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
Typedeb
Namespacedebian
Namelibvncserver
Version0.9.11+dfsg-1.3+deb10u4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.9.15+dfsg-1+deb13u1
Latest_non_vulnerable_version0.9.15+dfsg-1+deb13u1
Affected_by_vulnerabilities
0
url VCID-6w3g-x86a-sfbj
vulnerability_id VCID-6w3g-x86a-sfbj
summary libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14402
reference_id
reference_type
scores
0
value 0.02216
scoring_system epss
scoring_elements 0.8441
published_at 2026-04-01T12:55:00Z
1
value 0.02216
scoring_system epss
scoring_elements 0.84425
published_at 2026-04-02T12:55:00Z
2
value 0.02216
scoring_system epss
scoring_elements 0.84444
published_at 2026-04-04T12:55:00Z
3
value 0.02216
scoring_system epss
scoring_elements 0.84446
published_at 2026-04-07T12:55:00Z
4
value 0.02216
scoring_system epss
scoring_elements 0.84468
published_at 2026-04-08T12:55:00Z
5
value 0.02216
scoring_system epss
scoring_elements 0.84474
published_at 2026-04-09T12:55:00Z
6
value 0.02216
scoring_system epss
scoring_elements 0.84492
published_at 2026-04-11T12:55:00Z
7
value 0.02216
scoring_system epss
scoring_elements 0.84486
published_at 2026-04-12T12:55:00Z
8
value 0.02216
scoring_system epss
scoring_elements 0.84481
published_at 2026-04-13T12:55:00Z
9
value 0.02216
scoring_system epss
scoring_elements 0.84503
published_at 2026-04-16T12:55:00Z
10
value 0.02216
scoring_system epss
scoring_elements 0.84504
published_at 2026-04-18T12:55:00Z
11
value 0.02216
scoring_system epss
scoring_elements 0.84506
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14402
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860367
reference_id 1860367
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860367
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14402
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6w3g-x86a-sfbj
1
url VCID-7taj-t1kg-h3a9
vulnerability_id VCID-7taj-t1kg-h3a9
summary libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25708
reference_id
reference_type
scores
0
value 0.0071
scoring_system epss
scoring_elements 0.72252
published_at 2026-04-21T12:55:00Z
1
value 0.0071
scoring_system epss
scoring_elements 0.72255
published_at 2026-04-16T12:55:00Z
2
value 0.0071
scoring_system epss
scoring_elements 0.72265
published_at 2026-04-18T12:55:00Z
3
value 0.00784
scoring_system epss
scoring_elements 0.73708
published_at 2026-04-07T12:55:00Z
4
value 0.00784
scoring_system epss
scoring_elements 0.73743
published_at 2026-04-08T12:55:00Z
5
value 0.00784
scoring_system epss
scoring_elements 0.73756
published_at 2026-04-09T12:55:00Z
6
value 0.00784
scoring_system epss
scoring_elements 0.73778
published_at 2026-04-11T12:55:00Z
7
value 0.00784
scoring_system epss
scoring_elements 0.7376
published_at 2026-04-12T12:55:00Z
8
value 0.00784
scoring_system epss
scoring_elements 0.73751
published_at 2026-04-13T12:55:00Z
9
value 0.00784
scoring_system epss
scoring_elements 0.73703
published_at 2026-04-01T12:55:00Z
10
value 0.00784
scoring_system epss
scoring_elements 0.73713
published_at 2026-04-02T12:55:00Z
11
value 0.00784
scoring_system epss
scoring_elements 0.73736
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1896739
reference_id 1896739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1896739
4
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
5
reference_url https://usn.ubuntu.com/4636-1/
reference_id USN-4636-1
reference_type
scores
url https://usn.ubuntu.com/4636-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-25708
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7taj-t1kg-h3a9
2
url VCID-9eyh-gzse-8qdk
vulnerability_id VCID-9eyh-gzse-8qdk
summary libvncserver: libvncserver/scale.c has a pixel_value integer overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14401
reference_id
reference_type
scores
0
value 0.01613
scoring_system epss
scoring_elements 0.81711
published_at 2026-04-01T12:55:00Z
1
value 0.01613
scoring_system epss
scoring_elements 0.81721
published_at 2026-04-02T12:55:00Z
2
value 0.01613
scoring_system epss
scoring_elements 0.81745
published_at 2026-04-04T12:55:00Z
3
value 0.01613
scoring_system epss
scoring_elements 0.81741
published_at 2026-04-07T12:55:00Z
4
value 0.01613
scoring_system epss
scoring_elements 0.81768
published_at 2026-04-08T12:55:00Z
5
value 0.01613
scoring_system epss
scoring_elements 0.81773
published_at 2026-04-09T12:55:00Z
6
value 0.01613
scoring_system epss
scoring_elements 0.81792
published_at 2026-04-11T12:55:00Z
7
value 0.01613
scoring_system epss
scoring_elements 0.8178
published_at 2026-04-12T12:55:00Z
8
value 0.01613
scoring_system epss
scoring_elements 0.81776
published_at 2026-04-13T12:55:00Z
9
value 0.01613
scoring_system epss
scoring_elements 0.81813
published_at 2026-04-18T12:55:00Z
10
value 0.01613
scoring_system epss
scoring_elements 0.81816
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14401
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860364
reference_id 1860364
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860364
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14401
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9eyh-gzse-8qdk
3
url VCID-d3c1-uv78-a7cj
vulnerability_id VCID-d3c1-uv78-a7cj
summary libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14404
reference_id
reference_type
scores
0
value 0.01332
scoring_system epss
scoring_elements 0.79907
published_at 2026-04-01T12:55:00Z
1
value 0.01332
scoring_system epss
scoring_elements 0.79914
published_at 2026-04-02T12:55:00Z
2
value 0.01332
scoring_system epss
scoring_elements 0.79935
published_at 2026-04-04T12:55:00Z
3
value 0.01332
scoring_system epss
scoring_elements 0.79923
published_at 2026-04-07T12:55:00Z
4
value 0.01332
scoring_system epss
scoring_elements 0.79952
published_at 2026-04-08T12:55:00Z
5
value 0.01332
scoring_system epss
scoring_elements 0.79961
published_at 2026-04-09T12:55:00Z
6
value 0.01332
scoring_system epss
scoring_elements 0.79981
published_at 2026-04-11T12:55:00Z
7
value 0.01332
scoring_system epss
scoring_elements 0.79964
published_at 2026-04-12T12:55:00Z
8
value 0.01332
scoring_system epss
scoring_elements 0.79956
published_at 2026-04-13T12:55:00Z
9
value 0.01332
scoring_system epss
scoring_elements 0.79984
published_at 2026-04-18T12:55:00Z
10
value 0.01332
scoring_system epss
scoring_elements 0.79987
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14404
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860337
reference_id 1860337
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860337
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14404
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3c1-uv78-a7cj
4
url VCID-dmax-ew5t-4fg4
vulnerability_id VCID-dmax-ew5t-4fg4
summary libvncserver: libvncclient/tls_openssl.c has a NULL pointer dereference
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14396
reference_id
reference_type
scores
0
value 0.01582
scoring_system epss
scoring_elements 0.81513
published_at 2026-04-01T12:55:00Z
1
value 0.01582
scoring_system epss
scoring_elements 0.81525
published_at 2026-04-02T12:55:00Z
2
value 0.01582
scoring_system epss
scoring_elements 0.81546
published_at 2026-04-04T12:55:00Z
3
value 0.01582
scoring_system epss
scoring_elements 0.81545
published_at 2026-04-07T12:55:00Z
4
value 0.01582
scoring_system epss
scoring_elements 0.81572
published_at 2026-04-08T12:55:00Z
5
value 0.01582
scoring_system epss
scoring_elements 0.81578
published_at 2026-04-09T12:55:00Z
6
value 0.01582
scoring_system epss
scoring_elements 0.81598
published_at 2026-04-11T12:55:00Z
7
value 0.01582
scoring_system epss
scoring_elements 0.81586
published_at 2026-04-12T12:55:00Z
8
value 0.01582
scoring_system epss
scoring_elements 0.81579
published_at 2026-04-13T12:55:00Z
9
value 0.01582
scoring_system epss
scoring_elements 0.81616
published_at 2026-04-16T12:55:00Z
10
value 0.01582
scoring_system epss
scoring_elements 0.81617
published_at 2026-04-18T12:55:00Z
11
value 0.01582
scoring_system epss
scoring_elements 0.81621
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860340
reference_id 1860340
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860340
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14396
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmax-ew5t-4fg4
5
url VCID-dzex-yhec-uydq
vulnerability_id VCID-dzex-yhec-uydq
summary libvncserver: websocket decoding buffer overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18922
reference_id
reference_type
scores
0
value 0.04777
scoring_system epss
scoring_elements 0.89423
published_at 2026-04-01T12:55:00Z
1
value 0.04777
scoring_system epss
scoring_elements 0.89428
published_at 2026-04-02T12:55:00Z
2
value 0.04777
scoring_system epss
scoring_elements 0.89439
published_at 2026-04-04T12:55:00Z
3
value 0.04777
scoring_system epss
scoring_elements 0.89441
published_at 2026-04-07T12:55:00Z
4
value 0.04777
scoring_system epss
scoring_elements 0.89457
published_at 2026-04-08T12:55:00Z
5
value 0.04777
scoring_system epss
scoring_elements 0.89461
published_at 2026-04-09T12:55:00Z
6
value 0.04777
scoring_system epss
scoring_elements 0.89469
published_at 2026-04-11T12:55:00Z
7
value 0.04777
scoring_system epss
scoring_elements 0.89467
published_at 2026-04-12T12:55:00Z
8
value 0.04777
scoring_system epss
scoring_elements 0.89463
published_at 2026-04-13T12:55:00Z
9
value 0.04777
scoring_system epss
scoring_elements 0.89477
published_at 2026-04-16T12:55:00Z
10
value 0.04777
scoring_system epss
scoring_elements 0.89478
published_at 2026-04-18T12:55:00Z
11
value 0.04777
scoring_system epss
scoring_elements 0.89475
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18922
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1852356
reference_id 1852356
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1852356
5
reference_url https://access.redhat.com/errata/RHSA-2020:3281
reference_id RHSA-2020:3281
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3281
6
reference_url https://access.redhat.com/errata/RHSA-2020:3385
reference_id RHSA-2020:3385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3385
7
reference_url https://access.redhat.com/errata/RHSA-2020:3456
reference_id RHSA-2020:3456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3456
8
reference_url https://access.redhat.com/errata/RHSA-2020:3588
reference_id RHSA-2020:3588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3588
9
reference_url https://usn.ubuntu.com/4407-1/
reference_id USN-4407-1
reference_type
scores
url https://usn.ubuntu.com/4407-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2017-18922
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzex-yhec-uydq
6
url VCID-j4kf-j3t8-fbfb
vulnerability_id VCID-j4kf-j3t8-fbfb
summary libvncserver: an improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14398
reference_id
reference_type
scores
0
value 0.02271
scoring_system epss
scoring_elements 0.84576
published_at 2026-04-01T12:55:00Z
1
value 0.02271
scoring_system epss
scoring_elements 0.8459
published_at 2026-04-02T12:55:00Z
2
value 0.02271
scoring_system epss
scoring_elements 0.84611
published_at 2026-04-04T12:55:00Z
3
value 0.02271
scoring_system epss
scoring_elements 0.84613
published_at 2026-04-07T12:55:00Z
4
value 0.02271
scoring_system epss
scoring_elements 0.84634
published_at 2026-04-08T12:55:00Z
5
value 0.02271
scoring_system epss
scoring_elements 0.84641
published_at 2026-04-09T12:55:00Z
6
value 0.02271
scoring_system epss
scoring_elements 0.84659
published_at 2026-04-11T12:55:00Z
7
value 0.02271
scoring_system epss
scoring_elements 0.84654
published_at 2026-04-12T12:55:00Z
8
value 0.02271
scoring_system epss
scoring_elements 0.84649
published_at 2026-04-13T12:55:00Z
9
value 0.02271
scoring_system epss
scoring_elements 0.8467
published_at 2026-04-16T12:55:00Z
10
value 0.02271
scoring_system epss
scoring_elements 0.84671
published_at 2026-04-18T12:55:00Z
11
value 0.02271
scoring_system epss
scoring_elements 0.84672
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14398
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860348
reference_id 1860348
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860348
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14398
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4kf-j3t8-fbfb
7
url VCID-kzk2-vaa2-6bfa
vulnerability_id VCID-kzk2-vaa2-6bfa
summary libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14399
reference_id
reference_type
scores
0
value 0.02462
scoring_system epss
scoring_elements 0.85266
published_at 2026-04-21T12:55:00Z
1
value 0.02462
scoring_system epss
scoring_elements 0.85176
published_at 2026-04-01T12:55:00Z
2
value 0.02462
scoring_system epss
scoring_elements 0.85187
published_at 2026-04-02T12:55:00Z
3
value 0.02462
scoring_system epss
scoring_elements 0.85205
published_at 2026-04-04T12:55:00Z
4
value 0.02462
scoring_system epss
scoring_elements 0.85206
published_at 2026-04-07T12:55:00Z
5
value 0.02462
scoring_system epss
scoring_elements 0.85228
published_at 2026-04-08T12:55:00Z
6
value 0.02462
scoring_system epss
scoring_elements 0.85236
published_at 2026-04-09T12:55:00Z
7
value 0.02462
scoring_system epss
scoring_elements 0.85251
published_at 2026-04-11T12:55:00Z
8
value 0.02462
scoring_system epss
scoring_elements 0.85249
published_at 2026-04-12T12:55:00Z
9
value 0.02462
scoring_system epss
scoring_elements 0.85245
published_at 2026-04-13T12:55:00Z
10
value 0.02462
scoring_system epss
scoring_elements 0.85265
published_at 2026-04-16T12:55:00Z
11
value 0.02462
scoring_system epss
scoring_elements 0.85267
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860354
reference_id 1860354
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860354
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14399
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzk2-vaa2-6bfa
8
url VCID-nxh7-7s8e-g3ec
vulnerability_id VCID-nxh7-7s8e-g3ec
summary libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14403
reference_id
reference_type
scores
0
value 0.01113
scoring_system epss
scoring_elements 0.78107
published_at 2026-04-01T12:55:00Z
1
value 0.01113
scoring_system epss
scoring_elements 0.78116
published_at 2026-04-02T12:55:00Z
2
value 0.01113
scoring_system epss
scoring_elements 0.78145
published_at 2026-04-04T12:55:00Z
3
value 0.01113
scoring_system epss
scoring_elements 0.78128
published_at 2026-04-07T12:55:00Z
4
value 0.01113
scoring_system epss
scoring_elements 0.78154
published_at 2026-04-08T12:55:00Z
5
value 0.01113
scoring_system epss
scoring_elements 0.78161
published_at 2026-04-09T12:55:00Z
6
value 0.01113
scoring_system epss
scoring_elements 0.78186
published_at 2026-04-11T12:55:00Z
7
value 0.01113
scoring_system epss
scoring_elements 0.78169
published_at 2026-04-12T12:55:00Z
8
value 0.01113
scoring_system epss
scoring_elements 0.78165
published_at 2026-04-13T12:55:00Z
9
value 0.01113
scoring_system epss
scoring_elements 0.78198
published_at 2026-04-16T12:55:00Z
10
value 0.01113
scoring_system epss
scoring_elements 0.78197
published_at 2026-04-18T12:55:00Z
11
value 0.01113
scoring_system epss
scoring_elements 0.78192
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14403
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860334
reference_id 1860334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860334
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14403
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxh7-7s8e-g3ec
9
url VCID-q3t7-3yq6-gkan
vulnerability_id VCID-q3t7-3yq6-gkan
summary libvncserver: unaligned accesses in hybiReadAndDecode can lead to a crash
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20840
reference_id
reference_type
scores
0
value 0.02026
scoring_system epss
scoring_elements 0.83715
published_at 2026-04-01T12:55:00Z
1
value 0.02026
scoring_system epss
scoring_elements 0.83728
published_at 2026-04-02T12:55:00Z
2
value 0.02026
scoring_system epss
scoring_elements 0.83742
published_at 2026-04-04T12:55:00Z
3
value 0.02026
scoring_system epss
scoring_elements 0.83745
published_at 2026-04-07T12:55:00Z
4
value 0.02026
scoring_system epss
scoring_elements 0.83769
published_at 2026-04-08T12:55:00Z
5
value 0.02026
scoring_system epss
scoring_elements 0.83775
published_at 2026-04-09T12:55:00Z
6
value 0.02026
scoring_system epss
scoring_elements 0.83791
published_at 2026-04-11T12:55:00Z
7
value 0.02026
scoring_system epss
scoring_elements 0.83785
published_at 2026-04-12T12:55:00Z
8
value 0.02026
scoring_system epss
scoring_elements 0.83781
published_at 2026-04-13T12:55:00Z
9
value 0.02026
scoring_system epss
scoring_elements 0.83814
published_at 2026-04-16T12:55:00Z
10
value 0.02026
scoring_system epss
scoring_elements 0.83815
published_at 2026-04-18T12:55:00Z
11
value 0.02026
scoring_system epss
scoring_elements 0.83816
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849881
reference_id 1849881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849881
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2019-20840
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3t7-3yq6-gkan
10
url VCID-q4eg-8ph7-nfer
vulnerability_id VCID-q4eg-8ph7-nfer
summary libvncserver: information disclosure and ASLR bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15681
reference_id
reference_type
scores
0
value 0.06191
scoring_system epss
scoring_elements 0.90805
published_at 2026-04-01T12:55:00Z
1
value 0.06191
scoring_system epss
scoring_elements 0.90811
published_at 2026-04-02T12:55:00Z
2
value 0.06191
scoring_system epss
scoring_elements 0.90823
published_at 2026-04-04T12:55:00Z
3
value 0.06191
scoring_system epss
scoring_elements 0.90833
published_at 2026-04-07T12:55:00Z
4
value 0.06191
scoring_system epss
scoring_elements 0.90845
published_at 2026-04-08T12:55:00Z
5
value 0.06191
scoring_system epss
scoring_elements 0.90851
published_at 2026-04-09T12:55:00Z
6
value 0.06191
scoring_system epss
scoring_elements 0.9086
published_at 2026-04-12T12:55:00Z
7
value 0.06191
scoring_system epss
scoring_elements 0.90857
published_at 2026-04-13T12:55:00Z
8
value 0.06191
scoring_system epss
scoring_elements 0.90882
published_at 2026-04-16T12:55:00Z
9
value 0.06191
scoring_system epss
scoring_elements 0.90879
published_at 2026-04-18T12:55:00Z
10
value 0.06191
scoring_system epss
scoring_elements 0.90878
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15681
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1854761
reference_id 1854761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1854761
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793
reference_id 943793
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id 945784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
7
reference_url https://usn.ubuntu.com/4407-1/
reference_id USN-4407-1
reference_type
scores
url https://usn.ubuntu.com/4407-1/
8
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
9
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
10
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2019-15681
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4eg-8ph7-nfer
11
url VCID-qde7-y8q2-2bgq
vulnerability_id VCID-qde7-y8q2-2bgq
summary libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15690
reference_id
reference_type
scores
0
value 0.04329
scoring_system epss
scoring_elements 0.88864
published_at 2026-04-01T12:55:00Z
1
value 0.04329
scoring_system epss
scoring_elements 0.88872
published_at 2026-04-02T12:55:00Z
2
value 0.04329
scoring_system epss
scoring_elements 0.88928
published_at 2026-04-21T12:55:00Z
3
value 0.04329
scoring_system epss
scoring_elements 0.8892
published_at 2026-04-13T12:55:00Z
4
value 0.04329
scoring_system epss
scoring_elements 0.88934
published_at 2026-04-16T12:55:00Z
5
value 0.04329
scoring_system epss
scoring_elements 0.88932
published_at 2026-04-18T12:55:00Z
6
value 0.04329
scoring_system epss
scoring_elements 0.88888
published_at 2026-04-04T12:55:00Z
7
value 0.04329
scoring_system epss
scoring_elements 0.8889
published_at 2026-04-07T12:55:00Z
8
value 0.04329
scoring_system epss
scoring_elements 0.88909
published_at 2026-04-08T12:55:00Z
9
value 0.04329
scoring_system epss
scoring_elements 0.88914
published_at 2026-04-09T12:55:00Z
10
value 0.04329
scoring_system epss
scoring_elements 0.88925
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1811948
reference_id 1811948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1811948
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
reference_id 954163
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
6
reference_url https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/
reference_id klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-24T18:22:46Z/
url https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/
7
reference_url https://access.redhat.com/errata/RHSA-2020:0913
reference_id RHSA-2020:0913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0913
8
reference_url https://access.redhat.com/errata/RHSA-2020:0920
reference_id RHSA-2020:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0920
9
reference_url https://access.redhat.com/errata/RHSA-2020:0921
reference_id RHSA-2020:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0921
10
reference_url https://usn.ubuntu.com/4407-1/
reference_id USN-4407-1
reference_type
scores
url https://usn.ubuntu.com/4407-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2019-15690
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qde7-y8q2-2bgq
12
url VCID-qfyp-1xhm-13au
vulnerability_id VCID-qfyp-1xhm-13au
summary libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14397
reference_id
reference_type
scores
0
value 0.04438
scoring_system epss
scoring_elements 0.88996
published_at 2026-04-01T12:55:00Z
1
value 0.04438
scoring_system epss
scoring_elements 0.89004
published_at 2026-04-02T12:55:00Z
2
value 0.04438
scoring_system epss
scoring_elements 0.8902
published_at 2026-04-04T12:55:00Z
3
value 0.04438
scoring_system epss
scoring_elements 0.89022
published_at 2026-04-07T12:55:00Z
4
value 0.04438
scoring_system epss
scoring_elements 0.89039
published_at 2026-04-08T12:55:00Z
5
value 0.04438
scoring_system epss
scoring_elements 0.89045
published_at 2026-04-09T12:55:00Z
6
value 0.04438
scoring_system epss
scoring_elements 0.89057
published_at 2026-04-11T12:55:00Z
7
value 0.04438
scoring_system epss
scoring_elements 0.89052
published_at 2026-04-12T12:55:00Z
8
value 0.04438
scoring_system epss
scoring_elements 0.8905
published_at 2026-04-13T12:55:00Z
9
value 0.04438
scoring_system epss
scoring_elements 0.89064
published_at 2026-04-16T12:55:00Z
10
value 0.04438
scoring_system epss
scoring_elements 0.89063
published_at 2026-04-18T12:55:00Z
11
value 0.04438
scoring_system epss
scoring_elements 0.89059
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14397
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860344
reference_id 1860344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860344
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
7
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14397
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyp-1xhm-13au
13
url VCID-sgkq-a36z-gyfp
vulnerability_id VCID-sgkq-a36z-gyfp
summary libvncserver: buffer overflow in ConnectClientToUnixSock()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20839
reference_id
reference_type
scores
0
value 0.04081
scoring_system epss
scoring_elements 0.88505
published_at 2026-04-01T12:55:00Z
1
value 0.04081
scoring_system epss
scoring_elements 0.88513
published_at 2026-04-02T12:55:00Z
2
value 0.04081
scoring_system epss
scoring_elements 0.8853
published_at 2026-04-04T12:55:00Z
3
value 0.04081
scoring_system epss
scoring_elements 0.88534
published_at 2026-04-07T12:55:00Z
4
value 0.04081
scoring_system epss
scoring_elements 0.88553
published_at 2026-04-08T12:55:00Z
5
value 0.04081
scoring_system epss
scoring_elements 0.88557
published_at 2026-04-09T12:55:00Z
6
value 0.04081
scoring_system epss
scoring_elements 0.88569
published_at 2026-04-21T12:55:00Z
7
value 0.04081
scoring_system epss
scoring_elements 0.88561
published_at 2026-04-13T12:55:00Z
8
value 0.04081
scoring_system epss
scoring_elements 0.88575
published_at 2026-04-16T12:55:00Z
9
value 0.04081
scoring_system epss
scoring_elements 0.88571
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20839
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849877
reference_id 1849877
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849877
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2019-20839
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgkq-a36z-gyfp
14
url VCID-tj14-ykx8-qqgn
vulnerability_id VCID-tj14-ykx8-qqgn
summary libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20788
reference_id
reference_type
scores
0
value 0.00796
scoring_system epss
scoring_elements 0.7402
published_at 2026-04-21T12:55:00Z
1
value 0.00796
scoring_system epss
scoring_elements 0.73929
published_at 2026-04-01T12:55:00Z
2
value 0.00796
scoring_system epss
scoring_elements 0.73938
published_at 2026-04-02T12:55:00Z
3
value 0.00796
scoring_system epss
scoring_elements 0.73964
published_at 2026-04-04T12:55:00Z
4
value 0.00796
scoring_system epss
scoring_elements 0.73935
published_at 2026-04-07T12:55:00Z
5
value 0.00796
scoring_system epss
scoring_elements 0.73969
published_at 2026-04-08T12:55:00Z
6
value 0.00796
scoring_system epss
scoring_elements 0.73983
published_at 2026-04-09T12:55:00Z
7
value 0.00796
scoring_system epss
scoring_elements 0.74006
published_at 2026-04-11T12:55:00Z
8
value 0.00796
scoring_system epss
scoring_elements 0.73988
published_at 2026-04-12T12:55:00Z
9
value 0.00796
scoring_system epss
scoring_elements 0.73979
published_at 2026-04-13T12:55:00Z
10
value 0.00796
scoring_system epss
scoring_elements 0.74019
published_at 2026-04-16T12:55:00Z
11
value 0.00796
scoring_system epss
scoring_elements 0.74028
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1829870
reference_id 1829870
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1829870
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
reference_id 954163
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
6
reference_url https://access.redhat.com/errata/RHSA-2020:0913
reference_id RHSA-2020:0913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0913
7
reference_url https://access.redhat.com/errata/RHSA-2020:0920
reference_id RHSA-2020:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0920
8
reference_url https://access.redhat.com/errata/RHSA-2020:0921
reference_id RHSA-2020:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0921
9
reference_url https://usn.ubuntu.com/4407-1/
reference_id USN-4407-1
reference_type
scores
url https://usn.ubuntu.com/4407-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2019-20788
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tj14-ykx8-qqgn
15
url VCID-tnzy-mktx-e7fm
vulnerability_id VCID-tnzy-mktx-e7fm
summary libvncserver: a memory leak via the function rfbClientCleanup() may lead to a DoS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-29260
reference_id
reference_type
scores
0
value 0.00236
scoring_system epss
scoring_elements 0.46493
published_at 2026-04-01T12:55:00Z
1
value 0.00236
scoring_system epss
scoring_elements 0.46531
published_at 2026-04-02T12:55:00Z
2
value 0.00236
scoring_system epss
scoring_elements 0.46551
published_at 2026-04-04T12:55:00Z
3
value 0.00236
scoring_system epss
scoring_elements 0.465
published_at 2026-04-07T12:55:00Z
4
value 0.00236
scoring_system epss
scoring_elements 0.46555
published_at 2026-04-09T12:55:00Z
5
value 0.00236
scoring_system epss
scoring_elements 0.46578
published_at 2026-04-11T12:55:00Z
6
value 0.00236
scoring_system epss
scoring_elements 0.4655
published_at 2026-04-12T12:55:00Z
7
value 0.00236
scoring_system epss
scoring_elements 0.46559
published_at 2026-04-21T12:55:00Z
8
value 0.00236
scoring_system epss
scoring_elements 0.46615
published_at 2026-04-16T12:55:00Z
9
value 0.00236
scoring_system epss
scoring_elements 0.46613
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-29260
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228
reference_id 1019228
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2124164
reference_id 2124164
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2124164
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-29260
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnzy-mktx-e7fm
16
url VCID-wzpf-4nu7-xyc6
vulnerability_id VCID-wzpf-4nu7-xyc6
summary libvncserver: libvncclient/rfbproto.c does not limit TextChat size
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14405
reference_id
reference_type
scores
0
value 0.01448
scoring_system epss
scoring_elements 0.80698
published_at 2026-04-01T12:55:00Z
1
value 0.01448
scoring_system epss
scoring_elements 0.80708
published_at 2026-04-02T12:55:00Z
2
value 0.01448
scoring_system epss
scoring_elements 0.80729
published_at 2026-04-04T12:55:00Z
3
value 0.01448
scoring_system epss
scoring_elements 0.80725
published_at 2026-04-07T12:55:00Z
4
value 0.01448
scoring_system epss
scoring_elements 0.80753
published_at 2026-04-08T12:55:00Z
5
value 0.01448
scoring_system epss
scoring_elements 0.80761
published_at 2026-04-09T12:55:00Z
6
value 0.01448
scoring_system epss
scoring_elements 0.80778
published_at 2026-04-11T12:55:00Z
7
value 0.01448
scoring_system epss
scoring_elements 0.80762
published_at 2026-04-12T12:55:00Z
8
value 0.01448
scoring_system epss
scoring_elements 0.80754
published_at 2026-04-13T12:55:00Z
9
value 0.01448
scoring_system epss
scoring_elements 0.80791
published_at 2026-04-16T12:55:00Z
10
value 0.01448
scoring_system epss
scoring_elements 0.80792
published_at 2026-04-18T12:55:00Z
11
value 0.01448
scoring_system epss
scoring_elements 0.80793
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14405
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860325
reference_id 1860325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860325
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14405
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzpf-4nu7-xyc6
17
url VCID-x78k-5wm4-kkaj
vulnerability_id VCID-x78k-5wm4-kkaj
summary libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14400
reference_id
reference_type
scores
0
value 0.02477
scoring_system epss
scoring_elements 0.85301
published_at 2026-04-21T12:55:00Z
1
value 0.02477
scoring_system epss
scoring_elements 0.85211
published_at 2026-04-01T12:55:00Z
2
value 0.02477
scoring_system epss
scoring_elements 0.85223
published_at 2026-04-02T12:55:00Z
3
value 0.02477
scoring_system epss
scoring_elements 0.85241
published_at 2026-04-04T12:55:00Z
4
value 0.02477
scoring_system epss
scoring_elements 0.85244
published_at 2026-04-07T12:55:00Z
5
value 0.02477
scoring_system epss
scoring_elements 0.85266
published_at 2026-04-08T12:55:00Z
6
value 0.02477
scoring_system epss
scoring_elements 0.85274
published_at 2026-04-09T12:55:00Z
7
value 0.02477
scoring_system epss
scoring_elements 0.85288
published_at 2026-04-11T12:55:00Z
8
value 0.02477
scoring_system epss
scoring_elements 0.85286
published_at 2026-04-12T12:55:00Z
9
value 0.02477
scoring_system epss
scoring_elements 0.85283
published_at 2026-04-13T12:55:00Z
10
value 0.02477
scoring_system epss
scoring_elements 0.85304
published_at 2026-04-16T12:55:00Z
11
value 0.02477
scoring_system epss
scoring_elements 0.85305
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14400
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860361
reference_id 1860361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860361
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-81pq-5gvp-zfgw
1
vulnerability VCID-aphg-42c4-9yct
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1
aliases CVE-2020-14400
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x78k-5wm4-kkaj
Fixing_vulnerabilities
0
url VCID-p9tk-fn6b-cbbv
vulnerability_id VCID-p9tk-fn6b-cbbv
summary libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20748
reference_id
reference_type
scores
0
value 0.10572
scoring_system epss
scoring_elements 0.93246
published_at 2026-04-01T12:55:00Z
1
value 0.10572
scoring_system epss
scoring_elements 0.93254
published_at 2026-04-02T12:55:00Z
2
value 0.10572
scoring_system epss
scoring_elements 0.93259
published_at 2026-04-04T12:55:00Z
3
value 0.10572
scoring_system epss
scoring_elements 0.93258
published_at 2026-04-07T12:55:00Z
4
value 0.10572
scoring_system epss
scoring_elements 0.93267
published_at 2026-04-08T12:55:00Z
5
value 0.10572
scoring_system epss
scoring_elements 0.93271
published_at 2026-04-09T12:55:00Z
6
value 0.10572
scoring_system epss
scoring_elements 0.93275
published_at 2026-04-13T12:55:00Z
7
value 0.10572
scoring_system epss
scoring_elements 0.93273
published_at 2026-04-12T12:55:00Z
8
value 0.10572
scoring_system epss
scoring_elements 0.93292
published_at 2026-04-16T12:55:00Z
9
value 0.10572
scoring_system epss
scoring_elements 0.93297
published_at 2026-04-18T12:55:00Z
10
value 0.10572
scoring_system epss
scoring_elements 0.93304
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20748
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1671407
reference_id 1671407
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1671407
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id 920941
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
6
reference_url https://usn.ubuntu.com/3877-1/
reference_id USN-3877-1
reference_type
scores
url https://usn.ubuntu.com/3877-1/
7
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
8
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
purl pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6w3g-x86a-sfbj
1
vulnerability VCID-7taj-t1kg-h3a9
2
vulnerability VCID-9eyh-gzse-8qdk
3
vulnerability VCID-d3c1-uv78-a7cj
4
vulnerability VCID-dmax-ew5t-4fg4
5
vulnerability VCID-dzex-yhec-uydq
6
vulnerability VCID-j4kf-j3t8-fbfb
7
vulnerability VCID-kzk2-vaa2-6bfa
8
vulnerability VCID-nxh7-7s8e-g3ec
9
vulnerability VCID-q3t7-3yq6-gkan
10
vulnerability VCID-q4eg-8ph7-nfer
11
vulnerability VCID-qde7-y8q2-2bgq
12
vulnerability VCID-qfyp-1xhm-13au
13
vulnerability VCID-sgkq-a36z-gyfp
14
vulnerability VCID-tj14-ykx8-qqgn
15
vulnerability VCID-tnzy-mktx-e7fm
16
vulnerability VCID-wzpf-4nu7-xyc6
17
vulnerability VCID-x78k-5wm4-kkaj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%252Bdeb10u4
aliases CVE-2018-20748
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9tk-fn6b-cbbv
1
url VCID-qukp-tx5e-6yhe
vulnerability_id VCID-qukp-tx5e-6yhe
summary libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20750
reference_id
reference_type
scores
0
value 0.10369
scoring_system epss
scoring_elements 0.93175
published_at 2026-04-01T12:55:00Z
1
value 0.10369
scoring_system epss
scoring_elements 0.93185
published_at 2026-04-02T12:55:00Z
2
value 0.10369
scoring_system epss
scoring_elements 0.93189
published_at 2026-04-04T12:55:00Z
3
value 0.10369
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-07T12:55:00Z
4
value 0.10369
scoring_system epss
scoring_elements 0.93196
published_at 2026-04-08T12:55:00Z
5
value 0.10369
scoring_system epss
scoring_elements 0.932
published_at 2026-04-09T12:55:00Z
6
value 0.10369
scoring_system epss
scoring_elements 0.93205
published_at 2026-04-11T12:55:00Z
7
value 0.10369
scoring_system epss
scoring_elements 0.93202
published_at 2026-04-12T12:55:00Z
8
value 0.10369
scoring_system epss
scoring_elements 0.93204
published_at 2026-04-13T12:55:00Z
9
value 0.10369
scoring_system epss
scoring_elements 0.93219
published_at 2026-04-16T12:55:00Z
10
value 0.10369
scoring_system epss
scoring_elements 0.93224
published_at 2026-04-18T12:55:00Z
11
value 0.10369
scoring_system epss
scoring_elements 0.93232
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20750
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1671405
reference_id 1671405
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1671405
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id 920941
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
6
reference_url https://usn.ubuntu.com/3877-1/
reference_id USN-3877-1
reference_type
scores
url https://usn.ubuntu.com/3877-1/
7
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
8
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
purl pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6w3g-x86a-sfbj
1
vulnerability VCID-7taj-t1kg-h3a9
2
vulnerability VCID-9eyh-gzse-8qdk
3
vulnerability VCID-d3c1-uv78-a7cj
4
vulnerability VCID-dmax-ew5t-4fg4
5
vulnerability VCID-dzex-yhec-uydq
6
vulnerability VCID-j4kf-j3t8-fbfb
7
vulnerability VCID-kzk2-vaa2-6bfa
8
vulnerability VCID-nxh7-7s8e-g3ec
9
vulnerability VCID-q3t7-3yq6-gkan
10
vulnerability VCID-q4eg-8ph7-nfer
11
vulnerability VCID-qde7-y8q2-2bgq
12
vulnerability VCID-qfyp-1xhm-13au
13
vulnerability VCID-sgkq-a36z-gyfp
14
vulnerability VCID-tj14-ykx8-qqgn
15
vulnerability VCID-tnzy-mktx-e7fm
16
vulnerability VCID-wzpf-4nu7-xyc6
17
vulnerability VCID-x78k-5wm4-kkaj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%252Bdeb10u4
aliases CVE-2018-20750
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qukp-tx5e-6yhe
2
url VCID-v7mt-jtes-h3bz
vulnerability_id VCID-v7mt-jtes-h3bz
summary libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20749
reference_id
reference_type
scores
0
value 0.10369
scoring_system epss
scoring_elements 0.93175
published_at 2026-04-01T12:55:00Z
1
value 0.10369
scoring_system epss
scoring_elements 0.93185
published_at 2026-04-02T12:55:00Z
2
value 0.10369
scoring_system epss
scoring_elements 0.93189
published_at 2026-04-04T12:55:00Z
3
value 0.10369
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-07T12:55:00Z
4
value 0.10369
scoring_system epss
scoring_elements 0.93196
published_at 2026-04-08T12:55:00Z
5
value 0.10369
scoring_system epss
scoring_elements 0.932
published_at 2026-04-09T12:55:00Z
6
value 0.10369
scoring_system epss
scoring_elements 0.93205
published_at 2026-04-11T12:55:00Z
7
value 0.10369
scoring_system epss
scoring_elements 0.93202
published_at 2026-04-12T12:55:00Z
8
value 0.10369
scoring_system epss
scoring_elements 0.93204
published_at 2026-04-13T12:55:00Z
9
value 0.10369
scoring_system epss
scoring_elements 0.93219
published_at 2026-04-16T12:55:00Z
10
value 0.10369
scoring_system epss
scoring_elements 0.93224
published_at 2026-04-18T12:55:00Z
11
value 0.10369
scoring_system epss
scoring_elements 0.93232
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20749
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1671403
reference_id 1671403
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1671403
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id 920941
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
6
reference_url https://usn.ubuntu.com/3877-1/
reference_id USN-3877-1
reference_type
scores
url https://usn.ubuntu.com/3877-1/
7
reference_url https://usn.ubuntu.com/4547-1/
reference_id USN-4547-1
reference_type
scores
url https://usn.ubuntu.com/4547-1/
8
reference_url https://usn.ubuntu.com/4587-1/
reference_id USN-4587-1
reference_type
scores
url https://usn.ubuntu.com/4587-1/
fixed_packages
0
url pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
purl pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6w3g-x86a-sfbj
1
vulnerability VCID-7taj-t1kg-h3a9
2
vulnerability VCID-9eyh-gzse-8qdk
3
vulnerability VCID-d3c1-uv78-a7cj
4
vulnerability VCID-dmax-ew5t-4fg4
5
vulnerability VCID-dzex-yhec-uydq
6
vulnerability VCID-j4kf-j3t8-fbfb
7
vulnerability VCID-kzk2-vaa2-6bfa
8
vulnerability VCID-nxh7-7s8e-g3ec
9
vulnerability VCID-q3t7-3yq6-gkan
10
vulnerability VCID-q4eg-8ph7-nfer
11
vulnerability VCID-qde7-y8q2-2bgq
12
vulnerability VCID-qfyp-1xhm-13au
13
vulnerability VCID-sgkq-a36z-gyfp
14
vulnerability VCID-tj14-ykx8-qqgn
15
vulnerability VCID-tnzy-mktx-e7fm
16
vulnerability VCID-wzpf-4nu7-xyc6
17
vulnerability VCID-x78k-5wm4-kkaj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%252Bdeb10u4
aliases CVE-2018-20749
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7mt-jtes-h3bz
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%252Bdeb10u4