Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

Type deb

Namespace debian

Name libvncserver

Version 0.9.13+dfsg-2+deb11u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable true

Next_non_vulnerable_version 0.9.13+dfsg-5

Latest_non_vulnerable_version 0.9.15+dfsg-4

Affected_by_vulnerabilities

url VCID-81pq-5gvp-zfgw

vulnerability_id VCID-81pq-5gvp-zfgw

summary LibVNCServer: LibVNCServer: Denial of Service via specially crafted HTTP requests

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32854.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32854.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32854

reference_id

reference_type

scores

value	0.01368
scoring_system	epss
scoring_elements	0.8024
published_at	2026-04-21T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82555
published_at	2026-04-02T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82592
published_at	2026-04-08T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.826
published_at	2026-04-09T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82618
published_at	2026-04-11T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82612
published_at	2026-04-12T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82607
published_at	2026-04-13T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82644
published_at	2026-04-16T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82645
published_at	2026-04-18T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.8257
published_at	2026-04-04T12:55:00Z

value	0.01761
scoring_system	epss
scoring_elements	0.82566
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32854

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132017
reference_id	1132017
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132017

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450845
reference_id	2450845
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450845

reference_url

https://github.com/LibVNC/libvncserver/commit/dc78dee51a7e270e537a541a17befdf2073f5314

reference_id

dc78dee51a7e270e537a541a17befdf2073f5314

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/

url

https://github.com/LibVNC/libvncserver/commit/dc78dee51a7e270e537a541a17befdf2073f5314

reference_url

https://github.com/LibVNC/libvncserver/security/advisories/GHSA-xjp8-4qqv-5x4x

reference_id

GHSA-xjp8-4qqv-5x4x

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/

url

https://github.com/LibVNC/libvncserver/security/advisories/GHSA-xjp8-4qqv-5x4x

reference_url

https://www.vulncheck.com/advisories/libvncserver-httpd-proxy-null-pointer-dereference

reference_id

libvncserver-httpd-proxy-null-pointer-dereference

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/

url

https://www.vulncheck.com/advisories/libvncserver-httpd-proxy-null-pointer-dereference

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2026-32854

risk_score 2.9

exploitability 0.5

weighted_severity 5.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81pq-5gvp-zfgw

url VCID-aphg-42c4-9yct

vulnerability_id VCID-aphg-42c4-9yct

summary LibVNCServer: LibVNCServer: Information disclosure or Denial of Service via heap out-of-bounds read in UltraZip encoding

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32853.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32853.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32853

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12237
published_at	2026-04-02T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12129
published_at	2026-04-21T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12161
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12212
published_at	2026-04-09T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12221
published_at	2026-04-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12184
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12149
published_at	2026-04-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12018
published_at	2026-04-16T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12015
published_at	2026-04-18T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12281
published_at	2026-04-04T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1208
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32853

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32853
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32853

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931

reference_id

009008e2f4d5a54dd71f422070df3af7b3dbc931

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/

url

https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132016
reference_id	1132016
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132016

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450843
reference_id	2450843
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450843

reference_url

https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj

reference_id

GHSA-87q7-v983-qwcj

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/

url

https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj

reference_url

https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read

reference_id

libvncserver-ultrazip-encoding-heap-out-of-bounds-read

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/

url

https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2026-32853

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aphg-42c4-9yct

Fixing_vulnerabilities

url VCID-1d5d-ajfs-tffv

vulnerability_id VCID-1d5d-ajfs-tffv

summary

Multiple vulnerabilities have been found in
    LibVNCServer/LibVNCClient, the worst of which allows remote attackers to
    execute arbitrary code when connecting to a malicious server.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9941.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9941.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9941

reference_id

reference_type

scores

value	0.00836
scoring_system	epss
scoring_elements	0.74598
published_at	2026-04-01T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74688
published_at	2026-04-18T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74643
published_at	2026-04-13T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.7468
published_at	2026-04-21T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74602
published_at	2026-04-02T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74628
published_at	2026-04-04T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74603
published_at	2026-04-07T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74634
published_at	2026-04-08T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74649
published_at	2026-04-09T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74672
published_at	2026-04-11T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74651
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9941

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1410166
reference_id	1410166
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1410166

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850007
reference_id	850007
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850007

reference_url	https://security.archlinux.org/ASA-201701-20
reference_id	ASA-201701-20
reference_type
scores
url	https://security.archlinux.org/ASA-201701-20

reference_url

https://security.archlinux.org/AVG-124

reference_id

AVG-124

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-124

reference_url	https://security.gentoo.org/glsa/201702-24
reference_id	GLSA-201702-24
reference_type
scores
url	https://security.gentoo.org/glsa/201702-24

reference_url	https://usn.ubuntu.com/3171-1/
reference_id	USN-3171-1
reference_type
scores
url	https://usn.ubuntu.com/3171-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2016-9941

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1d5d-ajfs-tffv

url VCID-1hmm-y54k-3uhm

vulnerability_id VCID-1hmm-y54k-3uhm

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6053

reference_id

reference_type

scores

value	0.36865
scoring_system	epss
scoring_elements	0.97162
published_at	2026-04-21T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97118
published_at	2026-04-01T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97125
published_at	2026-04-02T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97132
published_at	2026-04-07T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97142
published_at	2026-04-09T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97146
published_at	2026-04-11T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97148
published_at	2026-04-13T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97156
published_at	2026-04-16T12:55:00Z

value	0.36865
scoring_system	epss
scoring_elements	0.97157
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055

reference_url	http://seclists.org/oss-sec/2014/q3/639
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/639

reference_url	http://secunia.com/advisories/61506
reference_id
reference_type
scores
url	http://secunia.com/advisories/61506

reference_url	http://secunia.com/advisories/61682
reference_id
reference_type
scores
url	http://secunia.com/advisories/61682

reference_url	https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

reference_url	http://ubuntu.com/usn/usn-2365-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-2365-1

reference_url	http://www.debian.org/security/2014/dsa-3081
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3081

reference_url	http://www.ocert.org/advisories/ocert-2014-007.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2014-007.html

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/11

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1144289
reference_id	1144289
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1144289

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id	762745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id	945784
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::
reference_id	cpe:2.3:a:libvncserver:libvncserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-6053

reference_id

CVE-2014-6053

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-6053

reference_url	https://security.gentoo.org/glsa/201507-07
reference_id	GLSA-201507-07
reference_type
scores
url	https://security.gentoo.org/glsa/201507-07

reference_url	https://access.redhat.com/errata/RHSA-2014:1826
reference_id	RHSA-2014:1826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1826

reference_url	https://access.redhat.com/errata/RHSA-2014:1827
reference_id	RHSA-2014:1827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1827

reference_url	https://usn.ubuntu.com/2365-1/
reference_id	USN-2365-1
reference_type
scores
url	https://usn.ubuntu.com/2365-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2014-6053

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hmm-y54k-3uhm

url VCID-377b-31s1-b3ek

vulnerability_id VCID-377b-31s1-b3ek

summary

Multiple vulnerabilities have been found in
    LibVNCServer/LibVNCClient, the worst of which allows remote attackers to
    execute arbitrary code when connecting to a malicious server.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9942.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9942.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9942

reference_id

reference_type

scores

value	0.00836
scoring_system	epss
scoring_elements	0.74598
published_at	2026-04-01T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74688
published_at	2026-04-18T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74643
published_at	2026-04-13T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.7468
published_at	2026-04-21T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74602
published_at	2026-04-02T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74628
published_at	2026-04-04T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74603
published_at	2026-04-07T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74634
published_at	2026-04-08T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74649
published_at	2026-04-09T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74672
published_at	2026-04-11T12:55:00Z

value	0.00836
scoring_system	epss
scoring_elements	0.74651
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1410168
reference_id	1410168
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1410168

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850008
reference_id	850008
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850008

reference_url	https://security.archlinux.org/ASA-201701-20
reference_id	ASA-201701-20
reference_type
scores
url	https://security.archlinux.org/ASA-201701-20

reference_url

https://security.archlinux.org/AVG-124

reference_id

AVG-124

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-124

reference_url	https://security.gentoo.org/glsa/201702-24
reference_id	GLSA-201702-24
reference_type
scores
url	https://security.gentoo.org/glsa/201702-24

reference_url	https://usn.ubuntu.com/3171-1/
reference_id	USN-3171-1
reference_type
scores
url	https://usn.ubuntu.com/3171-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2016-9942

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-377b-31s1-b3ek

url VCID-3817-suhy-xfhd

vulnerability_id VCID-3817-suhy-xfhd

summary

Multiple vulnerabilities have been found in ssvnc, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20020.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20020

reference_id

reference_type

scores

value	0.2103
scoring_system	epss
scoring_elements	0.95607
published_at	2026-04-01T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95616
published_at	2026-04-02T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95621
published_at	2026-04-04T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95624
published_at	2026-04-07T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95632
published_at	2026-04-08T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95636
published_at	2026-04-09T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95641
published_at	2026-04-11T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.9564
published_at	2026-04-12T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95643
published_at	2026-04-13T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95651
published_at	2026-04-16T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95655
published_at	2026-04-18T12:55:00Z

value	0.2103
scoring_system	epss
scoring_elements	0.95656
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661117
reference_id	1661117
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661117

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827
reference_id	945827
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://security.gentoo.org/glsa/202006-06
reference_id	GLSA-202006-06
reference_type
scores
url	https://security.gentoo.org/glsa/202006-06

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4547-2/
reference_id	USN-4547-2
reference_type
scores
url	https://usn.ubuntu.com/4547-2/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20020

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3817-suhy-xfhd

url VCID-6cgs-ggbr-rqdg

vulnerability_id VCID-6cgs-ggbr-rqdg

summary

VNC servers created with LibVNCServer accept insecure protocol types, even
    when the server does not offer it, resulting in unauthorized access to the
    server.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2450.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2450.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-2450

reference_id

reference_type

scores

value	0.03222
scoring_system	epss
scoring_elements	0.87001
published_at	2026-04-01T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87012
published_at	2026-04-02T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.8703
published_at	2026-04-04T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87023
published_at	2026-04-07T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87043
published_at	2026-04-08T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87051
published_at	2026-04-09T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87064
published_at	2026-04-11T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87059
published_at	2026-04-12T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87053
published_at	2026-04-13T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.8707
published_at	2026-04-21T12:55:00Z

value	0.03222
scoring_system	epss
scoring_elements	0.87074
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-2450

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824
reference_id	376824
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824

reference_url	https://security.gentoo.org/glsa/200608-05
reference_id	GLSA-200608-05
reference_type
scores
url	https://security.gentoo.org/glsa/200608-05

reference_url	https://security.gentoo.org/glsa/200608-12
reference_id	GLSA-200608-12
reference_type
scores
url	https://security.gentoo.org/glsa/200608-12

reference_url	https://security.gentoo.org/glsa/200703-19
reference_id	GLSA-200703-19
reference_type
scores
url	https://security.gentoo.org/glsa/200703-19

fixed_packages

url	pkg:deb/debian/libvncserver@0.8.2-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.8.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.8.2-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2006-2450

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cgs-ggbr-rqdg

url VCID-6w3g-x86a-sfbj

vulnerability_id VCID-6w3g-x86a-sfbj

summary libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14402

reference_id

reference_type

scores

value	0.02216
scoring_system	epss
scoring_elements	0.8441
published_at	2026-04-01T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84425
published_at	2026-04-02T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84444
published_at	2026-04-04T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84446
published_at	2026-04-07T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84468
published_at	2026-04-08T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84474
published_at	2026-04-09T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84492
published_at	2026-04-11T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84486
published_at	2026-04-12T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84481
published_at	2026-04-13T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84503
published_at	2026-04-16T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84504
published_at	2026-04-18T12:55:00Z

value	0.02216
scoring_system	epss
scoring_elements	0.84506
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860367
reference_id	1860367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860367

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14402

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6w3g-x86a-sfbj

url VCID-7taj-t1kg-h3a9

vulnerability_id VCID-7taj-t1kg-h3a9

summary libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25708

reference_id

reference_type

scores

value	0.0071
scoring_system	epss
scoring_elements	0.72252
published_at	2026-04-21T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72255
published_at	2026-04-16T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72265
published_at	2026-04-18T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73708
published_at	2026-04-07T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73743
published_at	2026-04-08T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73756
published_at	2026-04-09T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73778
published_at	2026-04-11T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.7376
published_at	2026-04-12T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73751
published_at	2026-04-13T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73703
published_at	2026-04-01T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73713
published_at	2026-04-02T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.73736
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1896739
reference_id	1896739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1896739

reference_url	https://access.redhat.com/errata/RHSA-2021:1811
reference_id	RHSA-2021:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1811

reference_url	https://usn.ubuntu.com/4636-1/
reference_id	USN-4636-1
reference_type
scores
url	https://usn.ubuntu.com/4636-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-25708

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7taj-t1kg-h3a9

url VCID-9eyh-gzse-8qdk

vulnerability_id VCID-9eyh-gzse-8qdk

summary libvncserver: libvncserver/scale.c has a pixel_value integer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14401

reference_id

reference_type

scores

value	0.01613
scoring_system	epss
scoring_elements	0.81711
published_at	2026-04-01T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81721
published_at	2026-04-02T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81745
published_at	2026-04-04T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81741
published_at	2026-04-07T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81768
published_at	2026-04-08T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81773
published_at	2026-04-09T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81792
published_at	2026-04-11T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.8178
published_at	2026-04-12T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81776
published_at	2026-04-13T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81813
published_at	2026-04-18T12:55:00Z

value	0.01613
scoring_system	epss
scoring_elements	0.81816
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860364
reference_id	1860364
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860364

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14401

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9eyh-gzse-8qdk

url VCID-9nha-t527-rfhs

vulnerability_id VCID-9nha-t527-rfhs

summary

Multiple vulnerabilities have been found in LibVNCServer, the worst
    of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20023.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20023

reference_id

reference_type

scores

value	0.00856
scoring_system	epss
scoring_elements	0.74918
published_at	2026-04-01T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74921
published_at	2026-04-02T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.7495
published_at	2026-04-04T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74924
published_at	2026-04-07T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74957
published_at	2026-04-08T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74969
published_at	2026-04-09T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74992
published_at	2026-04-11T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74971
published_at	2026-04-12T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74961
published_at	2026-04-13T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74998
published_at	2026-04-16T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.75005
published_at	2026-04-18T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74995
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661128
reference_id	1661128
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661128

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20023

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9nha-t527-rfhs

url VCID-bngs-4nkn-rbh1

vulnerability_id VCID-bngs-4nkn-rbh1

summary

Multiple vulnerabilities have been found in ssvnc, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20022.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20022.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20022

reference_id

reference_type

scores

value	0.06177
scoring_system	epss
scoring_elements	0.9079
published_at	2026-04-01T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90796
published_at	2026-04-02T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90808
published_at	2026-04-04T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90818
published_at	2026-04-07T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90829
published_at	2026-04-08T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90836
published_at	2026-04-09T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90844
published_at	2026-04-12T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90842
published_at	2026-04-13T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90866
published_at	2026-04-16T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90864
published_at	2026-04-18T12:55:00Z

value	0.06177
scoring_system	epss
scoring_elements	0.90863
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661123
reference_id	1661123
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661123

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827
reference_id	945827
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://security.gentoo.org/glsa/202006-06
reference_id	GLSA-202006-06
reference_type
scores
url	https://security.gentoo.org/glsa/202006-06

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4547-2/
reference_id	USN-4547-2
reference_type
scores
url	https://usn.ubuntu.com/4547-2/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20022

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bngs-4nkn-rbh1

url VCID-ce4w-vd75-n3gg

vulnerability_id VCID-ce4w-vd75-n3gg

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2012. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news

reference_url	http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0

reference_url	http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f

reference_url	http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279

reference_url	http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a

reference_url	http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4

reference_url	http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d

reference_url	http://git.gnome.org/browse/vino/log/?h=gnome-2-30
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/log/?h=gnome-2-30

reference_url	http://git.gnome.org/browse/vino/tree/NEWS
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/tree/NEWS

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0169.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0169.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0905

reference_id

reference_type

scores

value	0.01211
scoring_system	epss
scoring_elements	0.79018
published_at	2026-04-21T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78947
published_at	2026-04-01T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78953
published_at	2026-04-02T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.7898
published_at	2026-04-04T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78965
published_at	2026-04-07T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78989
published_at	2026-04-08T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78995
published_at	2026-04-09T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.7902
published_at	2026-04-18T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.79005
published_at	2026-04-12T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78994
published_at	2026-04-13T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.79022
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0905

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=641803
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=641803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905

reference_url	http://secunia.com/advisories/44410
reference_id
reference_type
scores
url	http://secunia.com/advisories/44410

reference_url	http://secunia.com/advisories/44463
reference_id
reference_type
scores
url	http://secunia.com/advisories/44463

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/67244
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/67244

reference_url	http://www.debian.org/security/2011/dsa-2238
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2238

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:087
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:087

reference_url	http://www.securityfocus.com/bid/47681
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47681

reference_url	http://www.ubuntu.com/usn/usn-1128-1/
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-1128-1/

reference_url	http://www.vupen.com/english/advisories/2011/1144
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/1144

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=694456
reference_id	694456
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=694456

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.13.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.24.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.32.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0905

reference_id

CVE-2011-0905

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0905

reference_url	https://security.gentoo.org/glsa/201412-09
reference_id	GLSA-201412-09
reference_type
scores
url	https://security.gentoo.org/glsa/201412-09

reference_url	https://access.redhat.com/errata/RHSA-2013:0169
reference_id	RHSA-2013:0169
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0169

reference_url	https://usn.ubuntu.com/1128-1/
reference_id	USN-1128-1
reference_type
scores
url	https://usn.ubuntu.com/1128-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0?distro=trixie
purl	pkg:deb/debian/libvncserver@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2011-0905

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ce4w-vd75-n3gg

url VCID-d3c1-uv78-a7cj

vulnerability_id VCID-d3c1-uv78-a7cj

summary libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14404

reference_id

reference_type

scores

value	0.01332
scoring_system	epss
scoring_elements	0.79907
published_at	2026-04-01T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79914
published_at	2026-04-02T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79935
published_at	2026-04-04T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79923
published_at	2026-04-07T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79952
published_at	2026-04-08T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79961
published_at	2026-04-09T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79981
published_at	2026-04-11T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79964
published_at	2026-04-12T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79956
published_at	2026-04-13T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79984
published_at	2026-04-18T12:55:00Z

value	0.01332
scoring_system	epss
scoring_elements	0.79987
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860337
reference_id	1860337
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860337

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14404

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3c1-uv78-a7cj

url VCID-dmax-ew5t-4fg4

vulnerability_id VCID-dmax-ew5t-4fg4

summary libvncserver: libvncclient/tls_openssl.c has a NULL pointer dereference

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14396

reference_id

reference_type

scores

value	0.01582
scoring_system	epss
scoring_elements	0.81513
published_at	2026-04-01T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81525
published_at	2026-04-02T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81546
published_at	2026-04-04T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81545
published_at	2026-04-07T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81572
published_at	2026-04-08T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81578
published_at	2026-04-09T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81598
published_at	2026-04-11T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81586
published_at	2026-04-12T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81579
published_at	2026-04-13T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81616
published_at	2026-04-16T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81617
published_at	2026-04-18T12:55:00Z

value	0.01582
scoring_system	epss
scoring_elements	0.81621
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860340
reference_id	1860340
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860340

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14396

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmax-ew5t-4fg4

url VCID-du88-cbhp-rkcc

vulnerability_id VCID-du88-cbhp-rkcc

summary

Multiple vulnerabilities have been found in ssvnc, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20021.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20021.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20021

reference_id

reference_type

scores

value	0.02552
scoring_system	epss
scoring_elements	0.85421
published_at	2026-04-01T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85433
published_at	2026-04-02T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85453
published_at	2026-04-04T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85456
published_at	2026-04-07T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85477
published_at	2026-04-08T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85485
published_at	2026-04-09T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85499
published_at	2026-04-11T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85498
published_at	2026-04-12T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85494
published_at	2026-04-13T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85518
published_at	2026-04-16T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85522
published_at	2026-04-18T12:55:00Z

value	0.02552
scoring_system	epss
scoring_elements	0.85519
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661120
reference_id	1661120
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661120

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827
reference_id	945827
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://security.gentoo.org/glsa/202006-06
reference_id	GLSA-202006-06
reference_type
scores
url	https://security.gentoo.org/glsa/202006-06

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4547-2/
reference_id	USN-4547-2
reference_type
scores
url	https://usn.ubuntu.com/4547-2/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20021

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-du88-cbhp-rkcc

url VCID-dzex-yhec-uydq

vulnerability_id VCID-dzex-yhec-uydq

summary libvncserver: websocket decoding buffer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18922

reference_id

reference_type

scores

value	0.04777
scoring_system	epss
scoring_elements	0.89423
published_at	2026-04-01T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89428
published_at	2026-04-02T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89439
published_at	2026-04-04T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89441
published_at	2026-04-07T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89457
published_at	2026-04-08T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89461
published_at	2026-04-09T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89469
published_at	2026-04-11T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89467
published_at	2026-04-12T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89463
published_at	2026-04-13T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89477
published_at	2026-04-16T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89478
published_at	2026-04-18T12:55:00Z

value	0.04777
scoring_system	epss
scoring_elements	0.89475
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852356
reference_id	1852356
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852356

reference_url	https://access.redhat.com/errata/RHSA-2020:3281
reference_id	RHSA-2020:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3281

reference_url	https://access.redhat.com/errata/RHSA-2020:3385
reference_id	RHSA-2020:3385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3385

reference_url	https://access.redhat.com/errata/RHSA-2020:3456
reference_id	RHSA-2020:3456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3456

reference_url	https://access.redhat.com/errata/RHSA-2020:3588
reference_id	RHSA-2020:3588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3588

reference_url	https://usn.ubuntu.com/4407-1/
reference_id	USN-4407-1
reference_type
scores
url	https://usn.ubuntu.com/4407-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2017-18922

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzex-yhec-uydq

url VCID-e3u6-fpje-tubq

vulnerability_id VCID-e3u6-fpje-tubq

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15126.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15126.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-15126

reference_id

reference_type

scores

value	0.059
scoring_system	epss
scoring_elements	0.90553
published_at	2026-04-01T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90557
published_at	2026-04-02T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90568
published_at	2026-04-04T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90576
published_at	2026-04-07T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90588
published_at	2026-04-08T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90594
published_at	2026-04-09T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90603
published_at	2026-04-12T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90597
published_at	2026-04-13T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90616
published_at	2026-04-16T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.90613
published_at	2026-04-18T12:55:00Z

value	0.059
scoring_system	epss
scoring_elements	0.9061
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661110
reference_id	1661110
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661110

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-15126

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3u6-fpje-tubq

url VCID-efft-1f56-jqeq

vulnerability_id VCID-efft-1f56-jqeq

summary

Multiple vulnerabilities have been found in LibVNCServer, the worst
    of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-7225

reference_id

reference_type

scores

value	0.03256
scoring_system	epss
scoring_elements	0.87149
published_at	2026-04-21T12:55:00Z

value	0.03256
scoring_system	epss
scoring_elements	0.87131
published_at	2026-04-13T12:55:00Z

value	0.03256
scoring_system	epss
scoring_elements	0.87147
published_at	2026-04-16T12:55:00Z

value	0.03256
scoring_system	epss
scoring_elements	0.87152
published_at	2026-04-18T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88775
published_at	2026-04-02T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88793
published_at	2026-04-07T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.8881
published_at	2026-04-08T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88816
published_at	2026-04-09T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88828
published_at	2026-04-11T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88823
published_at	2026-04-12T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88767
published_at	2026-04-01T12:55:00Z

value	0.04263
scoring_system	epss
scoring_elements	0.88791
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1546858
reference_id	1546858
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1546858

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045
reference_id	894045
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id	945784
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784

reference_url

https://security.archlinux.org/AVG-628

reference_id

AVG-628

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-628

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://access.redhat.com/errata/RHSA-2018:1055
reference_id	RHSA-2018:1055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1055

reference_url	https://usn.ubuntu.com/3618-1/
reference_id	USN-3618-1
reference_type
scores
url	https://usn.ubuntu.com/3618-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-7225

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efft-1f56-jqeq

url VCID-h8bk-uaqv-puap

vulnerability_id VCID-h8bk-uaqv-puap

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21247.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21247.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-21247

reference_id

reference_type

scores

value	0.01477
scoring_system	epss
scoring_elements	0.80914
published_at	2026-04-01T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80923
published_at	2026-04-02T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80945
published_at	2026-04-04T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80942
published_at	2026-04-07T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.8097
published_at	2026-04-08T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80977
published_at	2026-04-09T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80994
published_at	2026-04-11T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.8098
published_at	2026-04-12T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.80972
published_at	2026-04-13T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.81009
published_at	2026-04-16T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.8101
published_at	2026-04-18T12:55:00Z

value	0.01477
scoring_system	epss
scoring_elements	0.81011
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849886
reference_id	1849886
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849886

reference_url	https://access.redhat.com/errata/RHSA-2021:1811
reference_id	RHSA-2021:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1811

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-21247

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8bk-uaqv-puap

url VCID-j4kf-j3t8-fbfb

vulnerability_id VCID-j4kf-j3t8-fbfb

summary libvncserver: an improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14398

reference_id

reference_type

scores

value	0.02271
scoring_system	epss
scoring_elements	0.84576
published_at	2026-04-01T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.8459
published_at	2026-04-02T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84611
published_at	2026-04-04T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84613
published_at	2026-04-07T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84634
published_at	2026-04-08T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84641
published_at	2026-04-09T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84659
published_at	2026-04-11T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84654
published_at	2026-04-12T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84649
published_at	2026-04-13T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.8467
published_at	2026-04-16T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84671
published_at	2026-04-18T12:55:00Z

value	0.02271
scoring_system	epss
scoring_elements	0.84672
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860348
reference_id	1860348
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860348

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14398

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4kf-j3t8-fbfb

url VCID-kzk2-vaa2-6bfa

vulnerability_id VCID-kzk2-vaa2-6bfa

summary libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14399

reference_id

reference_type

scores

value	0.02462
scoring_system	epss
scoring_elements	0.85266
published_at	2026-04-21T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85176
published_at	2026-04-01T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85187
published_at	2026-04-02T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85205
published_at	2026-04-04T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85206
published_at	2026-04-07T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85228
published_at	2026-04-08T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85236
published_at	2026-04-09T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85251
published_at	2026-04-11T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85249
published_at	2026-04-12T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85245
published_at	2026-04-13T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85265
published_at	2026-04-16T12:55:00Z

value	0.02462
scoring_system	epss
scoring_elements	0.85267
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860354
reference_id	1860354
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860354

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14399

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzk2-vaa2-6bfa

url VCID-nrnp-2yeq-y7ap

vulnerability_id VCID-nrnp-2yeq-y7ap

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6052

reference_id

reference_type

scores

value	0.0524
scoring_system	epss
scoring_elements	0.89982
published_at	2026-04-21T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89927
published_at	2026-04-01T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89931
published_at	2026-04-02T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89943
published_at	2026-04-04T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.8995
published_at	2026-04-07T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89966
published_at	2026-04-08T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89971
published_at	2026-04-13T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89979
published_at	2026-04-11T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89977
published_at	2026-04-12T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89985
published_at	2026-04-16T12:55:00Z

value	0.0524
scoring_system	epss
scoring_elements	0.89986
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055

reference_url	http://seclists.org/oss-sec/2014/q3/639
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/639

reference_url	http://secunia.com/advisories/61506
reference_id
reference_type
scores
url	http://secunia.com/advisories/61506

reference_url	http://secunia.com/advisories/61682
reference_id
reference_type
scores
url	http://secunia.com/advisories/61682

reference_url	https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

reference_url	http://ubuntu.com/usn/usn-2365-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-2365-1

reference_url	http://www.debian.org/security/2014/dsa-3081
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3081

reference_url	http://www.ocert.org/advisories/ocert-2014-007.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2014-007.html

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/11

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

reference_url	http://www.securityfocus.com/bid/70091
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70091

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1144288
reference_id	1144288
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1144288

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id	762745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::
reference_id	cpe:2.3:a:libvncserver:libvncserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-6052

reference_id

CVE-2014-6052

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-6052

reference_url	https://security.gentoo.org/glsa/201507-07
reference_id	GLSA-201507-07
reference_type
scores
url	https://security.gentoo.org/glsa/201507-07

reference_url	https://access.redhat.com/errata/RHSA-2014:1826
reference_id	RHSA-2014:1826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1826

reference_url	https://usn.ubuntu.com/2365-1/
reference_id	USN-2365-1
reference_type
scores
url	https://usn.ubuntu.com/2365-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2014-6052

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrnp-2yeq-y7ap

url VCID-nw65-u5bu-yqbv

vulnerability_id VCID-nw65-u5bu-yqbv

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6307.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6307.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-6307

reference_id

reference_type

scores

value	0.09475
scoring_system	epss
scoring_elements	0.92796
published_at	2026-04-01T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92802
published_at	2026-04-02T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92807
published_at	2026-04-04T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92805
published_at	2026-04-07T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92814
published_at	2026-04-08T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92818
published_at	2026-04-09T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92823
published_at	2026-04-13T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92822
published_at	2026-04-12T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92833
published_at	2026-04-16T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92834
published_at	2026-04-18T12:55:00Z

value	0.09475
scoring_system	epss
scoring_elements	0.92838
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-6307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661136
reference_id	1661136
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661136

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-6307

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw65-u5bu-yqbv

url VCID-nxh7-7s8e-g3ec

vulnerability_id VCID-nxh7-7s8e-g3ec

summary libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14403

reference_id

reference_type

scores

value	0.01113
scoring_system	epss
scoring_elements	0.78107
published_at	2026-04-01T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78116
published_at	2026-04-02T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78145
published_at	2026-04-04T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78128
published_at	2026-04-07T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78154
published_at	2026-04-08T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78161
published_at	2026-04-09T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78186
published_at	2026-04-11T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78169
published_at	2026-04-12T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78165
published_at	2026-04-13T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78198
published_at	2026-04-16T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78197
published_at	2026-04-18T12:55:00Z

value	0.01113
scoring_system	epss
scoring_elements	0.78192
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860334
reference_id	1860334
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860334

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14403

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxh7-7s8e-g3ec

url VCID-p9tk-fn6b-cbbv

vulnerability_id VCID-p9tk-fn6b-cbbv

summary libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20748

reference_id

reference_type

scores

value	0.10572
scoring_system	epss
scoring_elements	0.93246
published_at	2026-04-01T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93254
published_at	2026-04-02T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93259
published_at	2026-04-04T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93258
published_at	2026-04-07T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93267
published_at	2026-04-08T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93271
published_at	2026-04-09T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93275
published_at	2026-04-13T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93273
published_at	2026-04-12T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93292
published_at	2026-04-16T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93297
published_at	2026-04-18T12:55:00Z

value	0.10572
scoring_system	epss
scoring_elements	0.93304
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20748

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1671407
reference_id	1671407
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1671407

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id	920941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20748

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9tk-fn6b-cbbv

url VCID-pkx1-zfqh-mqe8

vulnerability_id VCID-pkx1-zfqh-mqe8

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2012. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news

reference_url	http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news
reference_id
reference_type
scores
url	http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news

reference_url	http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0

reference_url	http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f

reference_url	http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279

reference_url	http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a

reference_url	http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4

reference_url	http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d

reference_url	http://git.gnome.org/browse/vino/log/?h=gnome-2-30
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/log/?h=gnome-2-30

reference_url	http://git.gnome.org/browse/vino/tree/NEWS
reference_id
reference_type
scores
url	http://git.gnome.org/browse/vino/tree/NEWS

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0169.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0169.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0904

reference_id

reference_type

scores

value	0.00685
scoring_system	epss
scoring_elements	0.71695
published_at	2026-04-21T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71627
published_at	2026-04-01T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71634
published_at	2026-04-02T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71652
published_at	2026-04-04T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71624
published_at	2026-04-07T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71664
published_at	2026-04-13T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71675
published_at	2026-04-09T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71699
published_at	2026-04-11T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71682
published_at	2026-04-12T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71708
published_at	2026-04-16T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71714
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0904

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=641802
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=641802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904

reference_url	http://secunia.com/advisories/44410
reference_id
reference_type
scores
url	http://secunia.com/advisories/44410

reference_url	http://secunia.com/advisories/44463
reference_id
reference_type
scores
url	http://secunia.com/advisories/44463

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/67243
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/67243

reference_url	http://www.debian.org/security/2011/dsa-2238
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2238

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:087
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:087

reference_url	http://www.securityfocus.com/bid/47681
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/47681

reference_url	http://www.ubuntu.com/usn/usn-1128-1/
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-1128-1/

reference_url	http://www.vupen.com/english/advisories/2011/1144
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/1144

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=694455
reference_id	694455
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=694455

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.13.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.17.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.19.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.21.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.22.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.23.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.24.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.25.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.26.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.27.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.28.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.32.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.32.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.90:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.4.90:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.90:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.91:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.4.91:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.91:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.92:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.7.92:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.92:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.8:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9.2:::::::*
reference_id	cpe:2.3:a:david_king:vino:2.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:::::::*
reference_id	cpe:2.3:a:david_king:vino:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0904

reference_id

CVE-2011-0904

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0904

reference_url	https://security.gentoo.org/glsa/201412-09
reference_id	GLSA-201412-09
reference_type
scores
url	https://security.gentoo.org/glsa/201412-09

reference_url	https://access.redhat.com/errata/RHSA-2013:0169
reference_id	RHSA-2013:0169
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0169

100

reference_url	https://usn.ubuntu.com/1128-1/
reference_id	USN-1128-1
reference_type
scores
url	https://usn.ubuntu.com/1128-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0?distro=trixie
purl	pkg:deb/debian/libvncserver@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2011-0904

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkx1-zfqh-mqe8

url VCID-q3t7-3yq6-gkan

vulnerability_id VCID-q3t7-3yq6-gkan

summary libvncserver: unaligned accesses in hybiReadAndDecode can lead to a crash

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20840

reference_id

reference_type

scores

value	0.02026
scoring_system	epss
scoring_elements	0.83715
published_at	2026-04-01T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83728
published_at	2026-04-02T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83742
published_at	2026-04-04T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83745
published_at	2026-04-07T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83769
published_at	2026-04-08T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83775
published_at	2026-04-09T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83791
published_at	2026-04-11T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83785
published_at	2026-04-12T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83781
published_at	2026-04-13T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83814
published_at	2026-04-16T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83815
published_at	2026-04-18T12:55:00Z

value	0.02026
scoring_system	epss
scoring_elements	0.83816
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849881
reference_id	1849881
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849881

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2019-20840

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3t7-3yq6-gkan

url VCID-q4eg-8ph7-nfer

vulnerability_id VCID-q4eg-8ph7-nfer

summary libvncserver: information disclosure and ASLR bypass

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-15681

reference_id

reference_type

scores

value	0.06191
scoring_system	epss
scoring_elements	0.90805
published_at	2026-04-01T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90811
published_at	2026-04-02T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90823
published_at	2026-04-04T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90833
published_at	2026-04-07T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90845
published_at	2026-04-08T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90851
published_at	2026-04-09T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.9086
published_at	2026-04-12T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90857
published_at	2026-04-13T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90882
published_at	2026-04-16T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90879
published_at	2026-04-18T12:55:00Z

value	0.06191
scoring_system	epss
scoring_elements	0.90878
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-15681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1854761
reference_id	1854761
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1854761

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793
reference_id	943793
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784
reference_id	945784
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784

reference_url	https://usn.ubuntu.com/4407-1/
reference_id	USN-4407-1
reference_type
scores
url	https://usn.ubuntu.com/4407-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2019-15681

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4eg-8ph7-nfer

url VCID-q89b-2emb-j3br

vulnerability_id VCID-q89b-2emb-j3br

summary

Multiple vulnerabilities have been found in ssvnc, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20024.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20024.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20024

reference_id

reference_type

scores

value	0.03729
scoring_system	epss
scoring_elements	0.87937
published_at	2026-04-01T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87947
published_at	2026-04-02T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.8796
published_at	2026-04-04T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87964
published_at	2026-04-07T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87984
published_at	2026-04-08T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87991
published_at	2026-04-09T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.88002
published_at	2026-04-11T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87995
published_at	2026-04-12T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.87994
published_at	2026-04-13T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.88008
published_at	2026-04-16T12:55:00Z

value	0.03729
scoring_system	epss
scoring_elements	0.88007
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661132
reference_id	1661132
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661132

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827
reference_id	945827
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://security.gentoo.org/glsa/202006-06
reference_id	GLSA-202006-06
reference_type
scores
url	https://security.gentoo.org/glsa/202006-06

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4547-2/
reference_id	USN-4547-2
reference_type
scores
url	https://usn.ubuntu.com/4547-2/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20024

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q89b-2emb-j3br

url VCID-qde7-y8q2-2bgq

vulnerability_id VCID-qde7-y8q2-2bgq

summary libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-15690

reference_id

reference_type

scores

value	0.04329
scoring_system	epss
scoring_elements	0.88864
published_at	2026-04-01T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88872
published_at	2026-04-02T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88928
published_at	2026-04-21T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.8892
published_at	2026-04-13T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88934
published_at	2026-04-16T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88932
published_at	2026-04-18T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88888
published_at	2026-04-04T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.8889
published_at	2026-04-07T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88909
published_at	2026-04-08T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88914
published_at	2026-04-09T12:55:00Z

value	0.04329
scoring_system	epss
scoring_elements	0.88925
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-15690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1811948
reference_id	1811948
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1811948

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
reference_id	954163
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163

reference_url

https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/

reference_id

klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-24T18:22:46Z/

url

https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/

reference_url	https://access.redhat.com/errata/RHSA-2020:0913
reference_id	RHSA-2020:0913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0913

reference_url	https://access.redhat.com/errata/RHSA-2020:0920
reference_id	RHSA-2020:0920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0920

reference_url	https://access.redhat.com/errata/RHSA-2020:0921
reference_id	RHSA-2020:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0921

reference_url	https://usn.ubuntu.com/4407-1/
reference_id	USN-4407-1
reference_type
scores
url	https://usn.ubuntu.com/4407-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-9%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2019-15690

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qde7-y8q2-2bgq

url VCID-qfyp-1xhm-13au

vulnerability_id VCID-qfyp-1xhm-13au

summary libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14397

reference_id

reference_type

scores

value	0.04438
scoring_system	epss
scoring_elements	0.88996
published_at	2026-04-01T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89004
published_at	2026-04-02T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.8902
published_at	2026-04-04T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89022
published_at	2026-04-07T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89039
published_at	2026-04-08T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89045
published_at	2026-04-09T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89057
published_at	2026-04-11T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89052
published_at	2026-04-12T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.8905
published_at	2026-04-13T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89064
published_at	2026-04-16T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89063
published_at	2026-04-18T12:55:00Z

value	0.04438
scoring_system	epss
scoring_elements	0.89059
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14397

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860344
reference_id	1860344
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860344

reference_url	https://access.redhat.com/errata/RHSA-2021:1811
reference_id	RHSA-2021:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1811

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

reference_url	https://usn.ubuntu.com/4573-1/
reference_id	USN-4573-1
reference_type
scores
url	https://usn.ubuntu.com/4573-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14397

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyp-1xhm-13au

url VCID-qukp-tx5e-6yhe

vulnerability_id VCID-qukp-tx5e-6yhe

summary libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20750

reference_id

reference_type

scores

value	0.10369
scoring_system	epss
scoring_elements	0.93175
published_at	2026-04-01T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93185
published_at	2026-04-02T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93189
published_at	2026-04-04T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93187
published_at	2026-04-07T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93196
published_at	2026-04-08T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.932
published_at	2026-04-09T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93205
published_at	2026-04-11T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93202
published_at	2026-04-12T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93204
published_at	2026-04-13T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93219
published_at	2026-04-16T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93224
published_at	2026-04-18T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93232
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1671405
reference_id	1671405
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1671405

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id	920941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20750

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qukp-tx5e-6yhe

url VCID-sgkq-a36z-gyfp

vulnerability_id VCID-sgkq-a36z-gyfp

summary libvncserver: buffer overflow in ConnectClientToUnixSock()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20839

reference_id

reference_type

scores

value	0.04081
scoring_system	epss
scoring_elements	0.88505
published_at	2026-04-01T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88513
published_at	2026-04-02T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.8853
published_at	2026-04-04T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88534
published_at	2026-04-07T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88553
published_at	2026-04-08T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88557
published_at	2026-04-09T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88569
published_at	2026-04-21T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88561
published_at	2026-04-13T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88575
published_at	2026-04-16T12:55:00Z

value	0.04081
scoring_system	epss
scoring_elements	0.88571
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849877
reference_id	1849877
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849877

reference_url	https://access.redhat.com/errata/RHSA-2021:1811
reference_id	RHSA-2021:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1811

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2019-20839

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgkq-a36z-gyfp

url VCID-tj14-ykx8-qqgn

vulnerability_id VCID-tj14-ykx8-qqgn

summary libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20788

reference_id

reference_type

scores

value	0.00796
scoring_system	epss
scoring_elements	0.7402
published_at	2026-04-21T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73929
published_at	2026-04-01T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73938
published_at	2026-04-02T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73964
published_at	2026-04-04T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73935
published_at	2026-04-07T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73969
published_at	2026-04-08T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73983
published_at	2026-04-09T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74006
published_at	2026-04-11T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73988
published_at	2026-04-12T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.73979
published_at	2026-04-13T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74019
published_at	2026-04-16T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74028
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829870
reference_id	1829870
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829870

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163
reference_id	954163
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163

reference_url	https://access.redhat.com/errata/RHSA-2020:0913
reference_id	RHSA-2020:0913
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0913

reference_url	https://access.redhat.com/errata/RHSA-2020:0920
reference_id	RHSA-2020:0920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0920

reference_url	https://access.redhat.com/errata/RHSA-2020:0921
reference_id	RHSA-2020:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0921

reference_url	https://usn.ubuntu.com/4407-1/
reference_id	USN-4407-1
reference_type
scores
url	https://usn.ubuntu.com/4407-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-9%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2019-20788

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tj14-ykx8-qqgn

url VCID-tnzy-mktx-e7fm

vulnerability_id VCID-tnzy-mktx-e7fm

summary libvncserver: a memory leak via the function rfbClientCleanup() may lead to a DoS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-29260

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.46493
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46551
published_at	2026-04-04T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.465
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46578
published_at	2026-04-11T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.4655
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46559
published_at	2026-04-21T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46615
published_at	2026-04-16T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46613
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-29260

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228
reference_id	1019228
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2124164
reference_id	2124164
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2124164

fixed_packages

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-5?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-5%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-29260

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnzy-mktx-e7fm

url VCID-ug79-puqk-33ce

vulnerability_id VCID-ug79-puqk-33ce

summary

An integer overflow in TigerVNC might allow remote attackers to
    execute
    arbitrary code.

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0113.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0113.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6051

reference_id

reference_type

scores

value	0.06605
scoring_system	epss
scoring_elements	0.912
published_at	2026-04-21T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91123
published_at	2026-04-01T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91128
published_at	2026-04-02T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91136
published_at	2026-04-04T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91144
published_at	2026-04-07T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91157
published_at	2026-04-08T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91164
published_at	2026-04-09T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91171
published_at	2026-04-11T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91174
published_at	2026-04-12T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91173
published_at	2026-04-13T12:55:00Z

value	0.06605
scoring_system	epss
scoring_elements	0.91197
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055

reference_url	http://seclists.org/oss-sec/2014/q3/639
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/639

reference_url	http://secunia.com/advisories/61506
reference_id
reference_type
scores
url	http://secunia.com/advisories/61506

reference_url	https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

reference_url	https://www.kde.org/info/security/advisory-20140923-1.txt
reference_id
reference_type
scores
url	https://www.kde.org/info/security/advisory-20140923-1.txt

reference_url	http://www.debian.org/security/2014/dsa-3081
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3081

reference_url	http://www.ocert.org/advisories/ocert-2014-007.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2014-007.html

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/11

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

reference_url	http://www.securityfocus.com/bid/70093
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70093

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1144287
reference_id	1144287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1144287

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id	762745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::
reference_id	cpe:2.3:a:libvncserver:libvncserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-6051

reference_id

CVE-2014-6051

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-6051

reference_url	https://security.gentoo.org/glsa/201507-07
reference_id	GLSA-201507-07
reference_type
scores
url	https://security.gentoo.org/glsa/201507-07

reference_url	https://security.gentoo.org/glsa/201612-36
reference_id	GLSA-201612-36
reference_type
scores
url	https://security.gentoo.org/glsa/201612-36

reference_url	https://access.redhat.com/errata/RHSA-2014:1826
reference_id	RHSA-2014:1826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1826

reference_url	https://access.redhat.com/errata/RHSA-2015:0113
reference_id	RHSA-2015:0113
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0113

reference_url	https://usn.ubuntu.com/2365-1/
reference_id	USN-2365-1
reference_type
scores
url	https://usn.ubuntu.com/2365-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2014-6051

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ug79-puqk-33ce

url VCID-uuzf-kk8s-qyaa

vulnerability_id VCID-uuzf-kk8s-qyaa

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6054

reference_id

reference_type

scores

value	0.34577
scoring_system	epss
scoring_elements	0.97015
published_at	2026-04-21T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96973
published_at	2026-04-01T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.9698
published_at	2026-04-02T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96985
published_at	2026-04-04T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96987
published_at	2026-04-07T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96995
published_at	2026-04-08T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96996
published_at	2026-04-09T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.96999
published_at	2026-04-11T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.97
published_at	2026-04-13T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.97009
published_at	2026-04-16T12:55:00Z

value	0.34577
scoring_system	epss
scoring_elements	0.97012
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055

reference_url	http://seclists.org/oss-sec/2014/q3/639
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/639

reference_url	http://secunia.com/advisories/61506
reference_id
reference_type
scores
url	http://secunia.com/advisories/61506

reference_url	http://secunia.com/advisories/61682
reference_id
reference_type
scores
url	http://secunia.com/advisories/61682

reference_url	https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

reference_url	http://www.debian.org/security/2014/dsa-3081
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3081

reference_url	http://www.ocert.org/advisories/ocert-2014-007.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2014-007.html

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/11

reference_url	http://www.securityfocus.com/bid/70094
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70094

reference_url	http://www.ubuntu.com/usn/USN-2365-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2365-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1144291
reference_id	1144291
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1144291

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id	762745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::
reference_id	cpe:2.3:a:libvncserver:libvncserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-6054

reference_id

CVE-2014-6054

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-6054

reference_url	https://security.gentoo.org/glsa/201507-07
reference_id	GLSA-201507-07
reference_type
scores
url	https://security.gentoo.org/glsa/201507-07

reference_url	https://access.redhat.com/errata/RHSA-2014:1826
reference_id	RHSA-2014:1826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1826

reference_url	https://access.redhat.com/errata/RHSA-2014:1827
reference_id	RHSA-2014:1827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1827

reference_url	https://usn.ubuntu.com/2365-1/
reference_id	USN-2365-1
reference_type
scores
url	https://usn.ubuntu.com/2365-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2014-6054

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uuzf-kk8s-qyaa

url VCID-v7mt-jtes-h3bz

vulnerability_id VCID-v7mt-jtes-h3bz

summary libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20749

reference_id

reference_type

scores

value	0.10369
scoring_system	epss
scoring_elements	0.93175
published_at	2026-04-01T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93185
published_at	2026-04-02T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93189
published_at	2026-04-04T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93187
published_at	2026-04-07T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93196
published_at	2026-04-08T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.932
published_at	2026-04-09T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93205
published_at	2026-04-11T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93202
published_at	2026-04-12T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93204
published_at	2026-04-13T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93219
published_at	2026-04-16T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93224
published_at	2026-04-18T12:55:00Z

value	0.10369
scoring_system	epss
scoring_elements	0.93232
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1671403
reference_id	1671403
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1671403

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941
reference_id	920941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20749

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7mt-jtes-h3bz

url VCID-vywb-buqd-w3dw

vulnerability_id VCID-vywb-buqd-w3dw

summary

Multiple vulnerabilities have been found in LibVNCServer, the worst
    of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20019.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20019.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20019

reference_id

reference_type

scores

value	0.168
scoring_system	epss
scoring_elements	0.94919
published_at	2026-04-01T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94927
published_at	2026-04-02T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94929
published_at	2026-04-04T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94931
published_at	2026-04-07T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94939
published_at	2026-04-08T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94943
published_at	2026-04-09T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94947
published_at	2026-04-11T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.9495
published_at	2026-04-12T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94952
published_at	2026-04-13T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.9496
published_at	2026-04-16T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94963
published_at	2026-04-18T12:55:00Z

value	0.168
scoring_system	epss
scoring_elements	0.94967
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661114
reference_id	1661114
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661114

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://security.gentoo.org/glsa/201908-05
reference_id	GLSA-201908-05
reference_type
scores
url	https://security.gentoo.org/glsa/201908-05

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-20019

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vywb-buqd-w3dw

url VCID-wzpf-4nu7-xyc6

vulnerability_id VCID-wzpf-4nu7-xyc6

summary libvncserver: libvncclient/rfbproto.c does not limit TextChat size

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14405

reference_id

reference_type

scores

value	0.01448
scoring_system	epss
scoring_elements	0.80698
published_at	2026-04-01T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80708
published_at	2026-04-02T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80729
published_at	2026-04-04T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80725
published_at	2026-04-07T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80753
published_at	2026-04-08T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80761
published_at	2026-04-09T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80778
published_at	2026-04-11T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80762
published_at	2026-04-12T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80754
published_at	2026-04-13T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80791
published_at	2026-04-16T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80792
published_at	2026-04-18T12:55:00Z

value	0.01448
scoring_system	epss
scoring_elements	0.80793
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860325
reference_id	1860325
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860325

reference_url	https://access.redhat.com/errata/RHSA-2021:1811
reference_id	RHSA-2021:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1811

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14405

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzpf-4nu7-xyc6

url VCID-x78k-5wm4-kkaj

vulnerability_id VCID-x78k-5wm4-kkaj

summary libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14400

reference_id

reference_type

scores

value	0.02477
scoring_system	epss
scoring_elements	0.85301
published_at	2026-04-21T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85211
published_at	2026-04-01T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85223
published_at	2026-04-02T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85241
published_at	2026-04-04T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85244
published_at	2026-04-07T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85266
published_at	2026-04-08T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85274
published_at	2026-04-09T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85288
published_at	2026-04-11T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85286
published_at	2026-04-12T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85283
published_at	2026-04-13T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85304
published_at	2026-04-16T12:55:00Z

value	0.02477
scoring_system	epss
scoring_elements	0.85305
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1860361
reference_id	1860361
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1860361

reference_url	https://usn.ubuntu.com/4434-1/
reference_id	USN-4434-1
reference_type
scores
url	https://usn.ubuntu.com/4434-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2020-14400

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x78k-5wm4-kkaj

url VCID-xk15-h8qm-gfbf

vulnerability_id VCID-xk15-h8qm-gfbf

summary security update

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0113.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0113.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6055

reference_id

reference_type

scores

value	0.11157
scoring_system	epss
scoring_elements	0.93516
published_at	2026-04-21T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93451
published_at	2026-04-01T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93459
published_at	2026-04-02T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93467
published_at	2026-04-07T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93475
published_at	2026-04-08T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93479
published_at	2026-04-09T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93484
published_at	2026-04-12T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93485
published_at	2026-04-13T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.93504
published_at	2026-04-16T12:55:00Z

value	0.11157
scoring_system	epss
scoring_elements	0.9351
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055

reference_url	http://seclists.org/oss-sec/2014/q3/639
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/639

reference_url	http://secunia.com/advisories/61506
reference_id
reference_type
scores
url	http://secunia.com/advisories/61506

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/96187
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/96187

reference_url	https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e

reference_url	https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677
reference_id
reference_type
scores
url	https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

reference_url	https://www.kde.org/info/security/advisory-20140923-1.txt
reference_id
reference_type
scores
url	https://www.kde.org/info/security/advisory-20140923-1.txt

reference_url	http://www.debian.org/security/2014/dsa-3081
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3081

reference_url	http://www.ocert.org/advisories/ocert-2014-007.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2014-007.html

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/11

reference_url	http://www.securityfocus.com/bid/70096
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70096

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1144293
reference_id	1144293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1144293

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745
reference_id	762745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::
reference_id	cpe:2.3:a:libvncserver:libvncserver::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-6055

reference_id

CVE-2014-6055

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-6055

reference_url	https://security.gentoo.org/glsa/201507-07
reference_id	GLSA-201507-07
reference_type
scores
url	https://security.gentoo.org/glsa/201507-07

reference_url	https://access.redhat.com/errata/RHSA-2014:1826
reference_id	RHSA-2014:1826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1826

reference_url	https://access.redhat.com/errata/RHSA-2014:1827
reference_id	RHSA-2014:1827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1827

reference_url	https://access.redhat.com/errata/RHSA-2015:0113
reference_id	RHSA-2015:0113
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0113

reference_url	https://usn.ubuntu.com/2365-1/
reference_id	USN-2365-1
reference_type
scores
url	https://usn.ubuntu.com/2365-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2014-6055

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xk15-h8qm-gfbf

url VCID-xqer-ndmy-gfgp

vulnerability_id VCID-xqer-ndmy-gfgp

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15127.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15127.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-15127

reference_id

reference_type

scores

value	0.15138
scoring_system	epss
scoring_elements	0.94555
published_at	2026-04-01T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94563
published_at	2026-04-02T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.9457
published_at	2026-04-04T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94572
published_at	2026-04-07T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94582
published_at	2026-04-08T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94586
published_at	2026-04-09T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94589
published_at	2026-04-11T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94592
published_at	2026-04-13T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94605
published_at	2026-04-16T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94609
published_at	2026-04-18T12:55:00Z

value	0.15138
scoring_system	epss
scoring_elements	0.94613
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661102
reference_id	1661102
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661102

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941
reference_id	916941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941

reference_url	https://access.redhat.com/errata/RHSA-2019:0059
reference_id	RHSA-2019:0059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0059

reference_url	https://usn.ubuntu.com/3877-1/
reference_id	USN-3877-1
reference_type
scores
url	https://usn.ubuntu.com/3877-1/

reference_url	https://usn.ubuntu.com/4547-1/
reference_id	USN-4547-1
reference_type
scores
url	https://usn.ubuntu.com/4547-1/

reference_url	https://usn.ubuntu.com/4587-1/
reference_id	USN-4587-1
reference_type
scores
url	https://usn.ubuntu.com/4587-1/

fixed_packages

url	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-81pq-5gvp-zfgw

vulnerability	VCID-aphg-42c4-9yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
purl	pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie

aliases CVE-2018-15127

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqer-ndmy-gfgp

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie

Package Instance