Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1072636?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "type": "deb", "namespace": "debian", "name": "libvncserver", "version": "0.9.15+dfsg-4", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41297?format=api", "vulnerability_id": "VCID-1d5d-ajfs-tffv", "summary": "Multiple vulnerabilities have been found in\n LibVNCServer/LibVNCClient, the worst of which allows remote attackers to\n execute arbitrary code when connecting to a malicious server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9941.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9941.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74598", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74724", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74715", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74722", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74634", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74651", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.7468", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74688", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410166", "reference_id": "1410166", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410166" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850007", "reference_id": "850007", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850007" }, { "reference_url": "https://security.archlinux.org/ASA-201701-20", "reference_id": "ASA-201701-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-20" }, { "reference_url": "https://security.archlinux.org/AVG-124", "reference_id": "AVG-124", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-124" }, { "reference_url": "https://security.gentoo.org/glsa/201702-24", "reference_id": "GLSA-201702-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-24" }, { "reference_url": "https://usn.ubuntu.com/3171-1/", "reference_id": "USN-3171-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3171-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928988?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9941" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d5d-ajfs-tffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57888?format=api", "vulnerability_id": "VCID-1hmm-y54k-3uhm", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97166", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97118", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97125", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97132", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97142", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97148", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97156", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97157", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97162", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.36865", "scoring_system": "epss", "scoring_elements": "0.97165", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/639" }, { "reference_url": "http://secunia.com/advisories/61506", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61506" }, { "reference_url": "http://secunia.com/advisories/61682", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61682" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html" }, { "reference_url": "http://ubuntu.com/usn/usn-2365-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-2365-1" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3081" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2014-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2014-007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144289", "reference_id": "1144289", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144289" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745", "reference_id": "762745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784", "reference_id": "945784", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6053", "reference_id": "CVE-2014-6053", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6053" }, { "reference_url": "https://security.gentoo.org/glsa/201507-07", "reference_id": "GLSA-201507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1826", "reference_id": "RHSA-2014:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1827", "reference_id": "RHSA-2014:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1827" }, { "reference_url": "https://usn.ubuntu.com/2365-1/", "reference_id": "USN-2365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2365-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928987?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-6053" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hmm-y54k-3uhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41298?format=api", "vulnerability_id": "VCID-377b-31s1-b3ek", "summary": "Multiple vulnerabilities have been found in\n LibVNCServer/LibVNCClient, the worst of which allows remote attackers to\n execute arbitrary code when connecting to a malicious server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9942.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74598", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74724", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74715", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74722", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74634", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74651", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.7468", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00836", "scoring_system": "epss", "scoring_elements": "0.74688", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410168", "reference_id": "1410168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410168" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850008", "reference_id": "850008", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850008" }, { "reference_url": "https://security.archlinux.org/ASA-201701-20", "reference_id": "ASA-201701-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-20" }, { "reference_url": "https://security.archlinux.org/AVG-124", "reference_id": "AVG-124", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-124" }, { "reference_url": "https://security.gentoo.org/glsa/201702-24", "reference_id": "GLSA-201702-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-24" }, { "reference_url": "https://usn.ubuntu.com/3171-1/", "reference_id": "USN-3171-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3171-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928988?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9942" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-377b-31s1-b3ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30944?format=api", "vulnerability_id": "VCID-3817-suhy-xfhd", "summary": "Multiple vulnerabilities have been found in ssvnc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95616", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95621", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95632", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95636", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95641", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.9564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95651", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95655", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95656", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95657", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.2103", "scoring_system": "epss", "scoring_elements": "0.95659", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661117", "reference_id": "1661117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661117" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827", "reference_id": "945827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://security.gentoo.org/glsa/202006-06", "reference_id": "GLSA-202006-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-06" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-2/", "reference_id": "USN-4547-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-2/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20020" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3817-suhy-xfhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34782?format=api", "vulnerability_id": "VCID-6cgs-ggbr-rqdg", "summary": "VNC servers created with LibVNCServer accept insecure protocol types, even\n when the server does not offer it, resulting in unauthorized access to the\n server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2450.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87001", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87012", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.8703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87059", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87053", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.8707", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87074", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87089", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87095", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03222", "scoring_system": "epss", "scoring_elements": "0.87096", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824", "reference_id": "376824", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=376824" }, { "reference_url": "https://security.gentoo.org/glsa/200608-05", "reference_id": "GLSA-200608-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-05" }, { "reference_url": "https://security.gentoo.org/glsa/200608-12", "reference_id": "GLSA-200608-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-12" }, { "reference_url": "https://security.gentoo.org/glsa/200703-19", "reference_id": "GLSA-200703-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200703-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928982?format=api", "purl": "pkg:deb/debian/libvncserver@0.8.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.8.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2450" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cgs-ggbr-rqdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81164?format=api", "vulnerability_id": "VCID-6w3g-x86a-sfbj", "summary": "libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.8441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84444", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84468", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84486", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84504", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84506", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84533", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84542", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84545", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367", "reference_id": "1860367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14402" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6w3g-x86a-sfbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81317?format=api", "vulnerability_id": "VCID-7taj-t1kg-h3a9", "summary": "libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72303", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72255", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72265", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72252", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72306", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.7376", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73751", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73703", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73713", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73736", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73756", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739", "reference_id": "1896739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4636-1/", "reference_id": "USN-4636-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4636-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25708" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7taj-t1kg-h3a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64118?format=api", "vulnerability_id": "VCID-81pq-5gvp-zfgw", "summary": "LibVNCServer: LibVNCServer: Denial of Service via specially crafted HTTP requests", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.8024", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80266", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81637", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81633", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82644", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82645", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.8257", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82566", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.826", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82618", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01761", "scoring_system": "epss", "scoring_elements": "0.82612", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32854" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132017", "reference_id": "1132017", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132017" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450845", "reference_id": "2450845", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450845" }, { "reference_url": "https://github.com/LibVNC/libvncserver/commit/dc78dee51a7e270e537a541a17befdf2073f5314", "reference_id": "dc78dee51a7e270e537a541a17befdf2073f5314", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/" } ], "url": "https://github.com/LibVNC/libvncserver/commit/dc78dee51a7e270e537a541a17befdf2073f5314" }, { "reference_url": "https://github.com/LibVNC/libvncserver/security/advisories/GHSA-xjp8-4qqv-5x4x", "reference_id": "GHSA-xjp8-4qqv-5x4x", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/" } ], "url": "https://github.com/LibVNC/libvncserver/security/advisories/GHSA-xjp8-4qqv-5x4x" }, { "reference_url": "https://www.vulncheck.com/advisories/libvncserver-httpd-proxy-null-pointer-dereference", "reference_id": "libvncserver-httpd-proxy-null-pointer-dereference", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T03:52:09Z/" } ], "url": "https://www.vulncheck.com/advisories/libvncserver-httpd-proxy-null-pointer-dereference" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32854" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81pq-5gvp-zfgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81163?format=api", "vulnerability_id": "VCID-9eyh-gzse-8qdk", "summary": "libvncserver: libvncserver/scale.c has a pixel_value integer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81711", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81721", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81768", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81813", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8184", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8185", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81855", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364", "reference_id": "1860364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14401" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9eyh-gzse-8qdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38630?format=api", "vulnerability_id": "VCID-9nha-t527-rfhs", "summary": "Multiple vulnerabilities have been found in LibVNCServer, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74918", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.7495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74924", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74992", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74961", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74998", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75005", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74995", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75033", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75038", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75041", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661128", "reference_id": "1661128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661128" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20023" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nha-t527-rfhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64119?format=api", "vulnerability_id": "VCID-aphg-42c4-9yct", "summary": "LibVNCServer: LibVNCServer: Information disclosure or Denial of Service via heap out-of-bounds read in UltraZip encoding", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12237", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12161", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12221", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12018", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12129", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1211", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12281", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13287", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13184", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931", "reference_id": "009008e2f4d5a54dd71f422070df3af7b3dbc931", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/" } ], "url": "https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132016", "reference_id": "1132016", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132016" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450843", "reference_id": "2450843", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450843" }, { "reference_url": "https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj", "reference_id": "GHSA-87q7-v983-qwcj", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/" } ], "url": "https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj" }, { "reference_url": "https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read", "reference_id": "libvncserver-ultrazip-encoding-heap-out-of-bounds-read", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T13:41:12Z/" } ], "url": "https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32853" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aphg-42c4-9yct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30946?format=api", "vulnerability_id": "VCID-bngs-4nkn-rbh1", "summary": "Multiple vulnerabilities have been found in ssvnc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.9079", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90796", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90829", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90842", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90864", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90863", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90877", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90875", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06177", "scoring_system": "epss", "scoring_elements": "0.90873", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661123", "reference_id": "1661123", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827", "reference_id": "945827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://security.gentoo.org/glsa/202006-06", "reference_id": "GLSA-202006-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-06" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-2/", "reference_id": "USN-4547-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-2/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20022" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bngs-4nkn-rbh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33263?format=api", "vulnerability_id": "VCID-ce4w-vd75-n3gg", "summary": "This GLSA contains notification of vulnerabilities found in several\n Gentoo packages which have been fixed prior to January 1, 2012. The worst\n of these vulnerabilities could lead to local privilege escalation and\n remote code execution. Please see the package list and CVE identifiers\n below for more information.", "references": [ { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news" }, { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news" }, { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d" }, { "reference_url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30" }, { "reference_url": "http://git.gnome.org/browse/vino/tree/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/tree/NEWS" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79073", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78947", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.7898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78965", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78989", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78995", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.7902", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78994", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79022", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79018", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79052", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79058", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0905" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=641803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=641803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905" }, { "reference_url": "http://secunia.com/advisories/44410", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44410" }, { "reference_url": "http://secunia.com/advisories/44463", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44463" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67244" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2238", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2238" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087" }, { "reference_url": "http://www.securityfocus.com/bid/47681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47681" }, { "reference_url": "http://www.ubuntu.com/usn/usn-1128-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-1128-1/" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/1144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/1144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=694456", "reference_id": "694456", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=694456" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0905", "reference_id": "CVE-2011-0905", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0905" }, { "reference_url": "https://security.gentoo.org/glsa/201412-09", "reference_id": "GLSA-201412-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0169", "reference_id": "RHSA-2013:0169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0169" }, { "reference_url": "https://usn.ubuntu.com/1128-1/", "reference_id": "USN-1128-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1128-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928986?format=api", "purl": "pkg:deb/debian/libvncserver@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0905" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ce4w-vd75-n3gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81157?format=api", "vulnerability_id": "VCID-d3c1-uv78-a7cj", "summary": "libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79907", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79961", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79956", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79984", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80015", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.8002", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80036", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337", "reference_id": "1860337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14404" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3c1-uv78-a7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81158?format=api", "vulnerability_id": "VCID-dmax-ew5t-4fg4", "summary": "libvncserver: libvncclient/tls_openssl.c has a NULL pointer dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81513", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81525", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81572", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81578", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81598", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81616", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81617", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81652", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01582", "scoring_system": "epss", "scoring_elements": "0.81656", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14396" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860340", "reference_id": "1860340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860340" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14396" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmax-ew5t-4fg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30945?format=api", "vulnerability_id": "VCID-du88-cbhp-rkcc", "summary": "Multiple vulnerabilities have been found in ssvnc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85421", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85499", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85518", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85541", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.8555", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02552", "scoring_system": "epss", "scoring_elements": "0.85548", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661120", "reference_id": "1661120", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661120" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827", "reference_id": "945827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://security.gentoo.org/glsa/202006-06", "reference_id": "GLSA-202006-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-06" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-2/", "reference_id": "USN-4547-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-2/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20021" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du88-cbhp-rkcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84579?format=api", "vulnerability_id": "VCID-dzex-yhec-uydq", "summary": "libvncserver: websocket decoding buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18922.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89423", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89428", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89441", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89457", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89469", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89463", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89478", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89475", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04777", "scoring_system": "epss", "scoring_elements": "0.89467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06869", "scoring_system": "epss", "scoring_elements": "0.91406", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06869", "scoring_system": "epss", "scoring_elements": "0.91405", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06869", "scoring_system": "epss", "scoring_elements": "0.91408", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18922" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852356", "reference_id": "1852356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3281", "reference_id": "RHSA-2020:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3385", "reference_id": "RHSA-2020:3385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3456", "reference_id": "RHSA-2020:3456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3588", "reference_id": "RHSA-2020:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3588" }, { "reference_url": "https://usn.ubuntu.com/4407-1/", "reference_id": "USN-4407-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4407-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928989?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-18922" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzex-yhec-uydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74010?format=api", "vulnerability_id": "VCID-e3u6-fpje-tubq", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90553", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90557", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90588", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90594", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90603", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90597", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90616", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90613", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.9061", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90626", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90628", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.059", "scoring_system": "epss", "scoring_elements": "0.90624", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661110", "reference_id": "1661110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661110" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-15126" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3u6-fpje-tubq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38631?format=api", "vulnerability_id": "VCID-efft-1f56-jqeq", "summary": "Multiple vulnerabilities have been found in LibVNCServer, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7225.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87174", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87152", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87149", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87167", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03256", "scoring_system": "epss", "scoring_elements": "0.87173", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88816", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88828", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88767", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.8881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88775", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04263", "scoring_system": "epss", "scoring_elements": "0.88791", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546858", "reference_id": "1546858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045", "reference_id": "894045", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894045" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784", "reference_id": "945784", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784" }, { "reference_url": "https://security.archlinux.org/AVG-628", "reference_id": "AVG-628", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-628" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1055", "reference_id": "RHSA-2018:1055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1055" }, { "reference_url": "https://usn.ubuntu.com/3618-1/", "reference_id": "USN-3618-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3618-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928992?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-7225" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efft-1f56-jqeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74013?format=api", "vulnerability_id": "VCID-h8bk-uaqv-puap", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21247.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80914", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80923", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80942", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.8097", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80977", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80994", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.8098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.80972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.81009", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.8101", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.81011", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.81033", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.81042", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01477", "scoring_system": "epss", "scoring_elements": "0.81048", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849886", "reference_id": "1849886", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-21247" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h8bk-uaqv-puap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81160?format=api", "vulnerability_id": "VCID-j4kf-j3t8-fbfb", "summary": "libvncserver: an improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84576", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.8459", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84613", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84634", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84641", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84654", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.8467", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84671", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84672", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84699", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.84709", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02271", "scoring_system": "epss", "scoring_elements": "0.8471", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860348", "reference_id": "1860348", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860348" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14398" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4kf-j3t8-fbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81161?format=api", "vulnerability_id": "VCID-kzk2-vaa2-6bfa", "summary": "libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85297", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85176", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85187", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85205", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85236", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85251", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85267", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85266", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85298", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354", "reference_id": "1860354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14399" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzk2-vaa2-6bfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57887?format=api", "vulnerability_id": "VCID-nrnp-2yeq-y7ap", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89997", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89931", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.8995", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89966", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89979", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89977", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89985", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89986", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89982", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89999", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0524", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/639" }, { "reference_url": "http://secunia.com/advisories/61506", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61506" }, { "reference_url": "http://secunia.com/advisories/61682", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61682" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/85a778c0e45e87e35ee7199f1f25020648e8b812" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html" }, { "reference_url": "http://ubuntu.com/usn/usn-2365-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-2365-1" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3081" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2014-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2014-007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.securityfocus.com/bid/70091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70091" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144288", "reference_id": "1144288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144288" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745", "reference_id": "762745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6052", "reference_id": "CVE-2014-6052", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6052" }, { "reference_url": "https://security.gentoo.org/glsa/201507-07", "reference_id": "GLSA-201507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1826", "reference_id": "RHSA-2014:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1826" }, { "reference_url": "https://usn.ubuntu.com/2365-1/", "reference_id": "USN-2365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2365-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928987?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-6052" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrnp-2yeq-y7ap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74009?format=api", "vulnerability_id": "VCID-nw65-u5bu-yqbv", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6307.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6307.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92796", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92802", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92805", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92814", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92818", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92834", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92845", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.09475", "scoring_system": "epss", "scoring_elements": "0.92842", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661136", "reference_id": "1661136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-6307" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw65-u5bu-yqbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81156?format=api", "vulnerability_id": "VCID-nxh7-7s8e-g3ec", "summary": "libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78107", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78116", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78145", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78186", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78192", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78224", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.7823", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334", "reference_id": "1860334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14403" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxh7-7s8e-g3ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82899?format=api", "vulnerability_id": "VCID-p9tk-fn6b-cbbv", "summary": "libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93271", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93273", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93292", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93297", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93304", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.9331", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93307", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.10572", "scoring_system": "epss", "scoring_elements": "0.93302", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671407", "reference_id": "1671407", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671407" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941", "reference_id": "920941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928991?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20748" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9tk-fn6b-cbbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33203?format=api", "vulnerability_id": "VCID-pkx1-zfqh-mqe8", "summary": "This GLSA contains notification of vulnerabilities found in several\n Gentoo packages which have been fixed prior to January 1, 2012. The worst\n of these vulnerabilities could lead to local privilege escalation and\n remote code execution. Please see the package list and CVE identifiers\n below for more information.", "references": [ { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.28/vino-2.28.3.news" }, { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/2.32/vino-2.32.2.news" }, { "reference_url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp.gnome.org/pub/GNOME/sources/vino/3.0/vino-3.0.2.news" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=0c2c9175963fc56bf2af10e42867181332f96ce0" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=456dadbb5c5971d3448763a44c05b9ad033e522f" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=8beefcf7792d343c10c919ee0c928c81f73b1279" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=d050a22b1c284b633c407ef92fde95c47e8fdb8a" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=dff52694a384fe95195f2211254026b752d63ec4" }, { "reference_url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/commit/?id=e17bd4e369f90748654e31a4867211dc7610975d" }, { "reference_url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/log/?h=gnome-2-30" }, { "reference_url": "http://git.gnome.org/browse/vino/tree/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/vino/tree/NEWS" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0169.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71755", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71627", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71634", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71652", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71699", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71708", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71714", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71695", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.71744", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00685", "scoring_system": "epss", "scoring_elements": "0.7175", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0904" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=641802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=641802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904" }, { "reference_url": "http://secunia.com/advisories/44410", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44410" }, { "reference_url": "http://secunia.com/advisories/44463", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44463" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67243" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2238", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2238" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:087" }, { "reference_url": "http://www.securityfocus.com/bid/47681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47681" }, { "reference_url": "http://www.ubuntu.com/usn/usn-1128-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-1128-1/" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/1144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/1144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=694455", "reference_id": "694455", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=694455" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.17.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.18.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.19.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.21.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.22.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.23.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.24.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.25.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.26.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.27.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.28.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.32.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.4.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.4.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.4.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.7.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.7.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:2.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:2.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:david_king:vino:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0904", "reference_id": "CVE-2011-0904", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0904" }, { "reference_url": "https://security.gentoo.org/glsa/201412-09", "reference_id": "GLSA-201412-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0169", "reference_id": "RHSA-2013:0169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0169" }, { "reference_url": "https://usn.ubuntu.com/1128-1/", "reference_id": "USN-1128-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1128-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928986?format=api", "purl": "pkg:deb/debian/libvncserver@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0904" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pkx1-zfqh-mqe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81153?format=api", "vulnerability_id": "VCID-q3t7-3yq6-gkan", "summary": "libvncserver: unaligned accesses in hybiReadAndDecode can lead to a crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83715", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83815", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83841", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83849", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83854", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881", "reference_id": "1849881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-20840" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3t7-3yq6-gkan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81891?format=api", "vulnerability_id": "VCID-q4eg-8ph7-nfer", "summary": "libvncserver: information disclosure and ASLR bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90805", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90823", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90833", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.9086", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90882", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90879", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90878", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90891", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.9089", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06191", "scoring_system": "epss", "scoring_elements": "0.90888", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15681" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854761", "reference_id": "1854761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854761" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793", "reference_id": "943793", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943793" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784", "reference_id": "945784", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784" }, { "reference_url": "https://usn.ubuntu.com/4407-1/", "reference_id": "USN-4407-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4407-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928989?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-15681" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4eg-8ph7-nfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30947?format=api", "vulnerability_id": "VCID-q89b-2emb-j3br", "summary": "Multiple vulnerabilities have been found in ssvnc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20024.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87937", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.8796", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87984", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87991", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.88002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87995", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.87994", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.88008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.88007", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.88023", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03729", "scoring_system": "epss", "scoring_elements": "0.88029", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661132", "reference_id": "1661132", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661132" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827", "reference_id": "945827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945827" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://security.gentoo.org/glsa/202006-06", "reference_id": "GLSA-202006-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-06" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-2/", "reference_id": "USN-4547-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-2/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20024" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q89b-2emb-j3br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81716?format=api", "vulnerability_id": "VCID-qde7-y8q2-2bgq", "summary": "libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88864", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88872", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88952", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88932", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88928", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88945", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.8889", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88914", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.8892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04329", "scoring_system": "epss", "scoring_elements": "0.88934", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811948", "reference_id": "1811948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811948" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163", "reference_id": "954163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163" }, { "reference_url": "https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/", "reference_id": "klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-24T18:22:46Z/" } ], "url": "https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0913", "reference_id": "RHSA-2020:0913", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0920", "reference_id": "RHSA-2020:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0921", "reference_id": "RHSA-2020:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0921" }, { "reference_url": "https://usn.ubuntu.com/4407-1/", "reference_id": "USN-4407-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4407-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928993?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-15690" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qde7-y8q2-2bgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81159?format=api", "vulnerability_id": "VCID-qfyp-1xhm-13au", "summary": "libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.88996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.8902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89039", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89045", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89057", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89052", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.8905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89064", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89063", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89059", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89077", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89084", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89087", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860344", "reference_id": "1860344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyp-1xhm-13au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82898?format=api", "vulnerability_id": "VCID-qukp-tx5e-6yhe", "summary": "libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93175", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93189", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93187", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93196", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93205", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93204", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93219", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93224", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93232", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93237", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93235", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93231", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671405", "reference_id": "1671405", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671405" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941", "reference_id": "920941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928991?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20750" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qukp-tx5e-6yhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81152?format=api", "vulnerability_id": "VCID-sgkq-a36z-gyfp", "summary": "libvncserver: buffer overflow in ConnectClientToUnixSock()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88505", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88513", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.8853", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88553", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88557", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88569", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88575", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88571", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88585", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88591", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88589", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877", "reference_id": "1849877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-20839" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgkq-a36z-gyfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81857?format=api", "vulnerability_id": "VCID-tj14-ykx8-qqgn", "summary": "libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.7406", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73929", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73938", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73964", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73979", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74019", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74028", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.7402", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74052", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.74061", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829870", "reference_id": "1829870", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829870" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163", "reference_id": "954163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0913", "reference_id": "RHSA-2020:0913", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0920", "reference_id": "RHSA-2020:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0921", "reference_id": "RHSA-2020:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0921" }, { "reference_url": "https://usn.ubuntu.com/4407-1/", "reference_id": "USN-4407-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4407-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928993?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.12%2Bdfsg-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.12%252Bdfsg-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-20788" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tj14-ykx8-qqgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79074?format=api", "vulnerability_id": "VCID-tnzy-mktx-e7fm", "summary": "libvncserver: a memory leak via the function rfbClientCleanup() may lead to a DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29260.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46493", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46551", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.465", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4655", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46559", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46615", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46613", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46541", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46552", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46501", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29260" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29260" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228", "reference_id": "1019228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019228" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124164", "reference_id": "2124164", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124164" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928995?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-29260" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tnzy-mktx-e7fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42294?format=api", "vulnerability_id": "VCID-ug79-puqk-33ce", "summary": "An integer overflow in TigerVNC might allow remote attackers to\n execute\n arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0113.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.9121", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91123", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91136", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91157", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91164", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91174", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91173", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.912", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91213", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06605", "scoring_system": "epss", "scoring_elements": "0.91211", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/639" }, { "reference_url": "http://secunia.com/advisories/61506", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61506" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html" }, { "reference_url": "https://www.kde.org/info/security/advisory-20140923-1.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kde.org/info/security/advisory-20140923-1.txt" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3081" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2014-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2014-007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.securityfocus.com/bid/70093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70093" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144287", "reference_id": "1144287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745", "reference_id": "762745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6051", "reference_id": "CVE-2014-6051", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6051" }, { "reference_url": "https://security.gentoo.org/glsa/201507-07", "reference_id": "GLSA-201507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-07" }, { "reference_url": "https://security.gentoo.org/glsa/201612-36", "reference_id": "GLSA-201612-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1826", "reference_id": "RHSA-2014:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0113", "reference_id": "RHSA-2015:0113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0113" }, { "reference_url": "https://usn.ubuntu.com/2365-1/", "reference_id": "USN-2365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2365-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928987?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-6051" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ug79-puqk-33ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57889?format=api", "vulnerability_id": "VCID-uuzf-kk8s-qyaa", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.9702", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.9698", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96985", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96995", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96996", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.96999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97009", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97012", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97015", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97016", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.34577", "scoring_system": "epss", "scoring_elements": "0.97018", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/639" }, { "reference_url": "http://secunia.com/advisories/61506", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61506" }, { "reference_url": "http://secunia.com/advisories/61682", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61682" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/05a9bd41a8ec0a9d580a8f420f41718bdd235446" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3081" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2014-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2014-007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11" }, { "reference_url": "http://www.securityfocus.com/bid/70094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70094" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2365-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2365-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144291", "reference_id": "1144291", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144291" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745", "reference_id": "762745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6054", "reference_id": "CVE-2014-6054", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6054" }, { "reference_url": "https://security.gentoo.org/glsa/201507-07", "reference_id": "GLSA-201507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1826", "reference_id": "RHSA-2014:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1827", "reference_id": "RHSA-2014:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1827" }, { "reference_url": "https://usn.ubuntu.com/2365-1/", "reference_id": "USN-2365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2365-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928987?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-6054" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uuzf-kk8s-qyaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82897?format=api", "vulnerability_id": "VCID-v7mt-jtes-h3bz", "summary": "libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93175", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93189", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93187", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93196", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93205", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93204", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93219", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93224", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93232", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93237", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93235", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.10369", "scoring_system": "epss", "scoring_elements": "0.93231", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20749" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671403", "reference_id": "1671403", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671403" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941", "reference_id": "920941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920941" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928991?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20749" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7mt-jtes-h3bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38619?format=api", "vulnerability_id": "VCID-vywb-buqd-w3dw", "summary": "Multiple vulnerabilities have been found in LibVNCServer, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94919", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94927", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94931", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94947", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.9495", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94952", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.9496", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94963", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.168", "scoring_system": "epss", "scoring_elements": "0.94967", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661114", "reference_id": "1661114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661114" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://security.gentoo.org/glsa/201908-05", "reference_id": "GLSA-201908-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-05" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20019" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vywb-buqd-w3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81155?format=api", "vulnerability_id": "VCID-wzpf-4nu7-xyc6", "summary": "libvncserver: libvncclient/rfbproto.c does not limit TextChat size", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80698", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80761", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80791", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80792", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80793", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80817", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80835", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325", "reference_id": "1860325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14405" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzpf-4nu7-xyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81162?format=api", "vulnerability_id": "VCID-x78k-5wm4-kkaj", "summary": "libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85332", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85211", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85241", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85244", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85304", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85301", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85323", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361", "reference_id": "1860361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928994?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14400" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x78k-5wm4-kkaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57890?format=api", "vulnerability_id": "VCID-xk15-h8qm-gfbf", "summary": "security update", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0113.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93519", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93451", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93459", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93475", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93479", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93504", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.9351", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11157", "scoring_system": "epss", "scoring_elements": "0.93516", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6055" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/639" }, { "reference_url": "http://secunia.com/advisories/61506", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61506" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96187" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/06ccdf016154fde8eccb5355613ba04c59127b2e" }, { "reference_url": "https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/newsoft/libvncserver/commit/f528072216dec01cee7ca35d94e171a3b909e677" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html" }, { "reference_url": "https://www.kde.org/info/security/advisory-20140923-1.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kde.org/info/security/advisory-20140923-1.txt" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3081", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3081" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2014-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2014-007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11" }, { "reference_url": "http://www.securityfocus.com/bid/70096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70096" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144293", "reference_id": "1144293", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144293" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745", "reference_id": "762745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libvncserver:libvncserver:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5.z:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6055", "reference_id": "CVE-2014-6055", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6055" }, { "reference_url": "https://security.gentoo.org/glsa/201507-07", "reference_id": "GLSA-201507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1826", "reference_id": "RHSA-2014:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1827", "reference_id": "RHSA-2014:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0113", "reference_id": "RHSA-2015:0113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0113" }, { "reference_url": "https://usn.ubuntu.com/2365-1/", "reference_id": "USN-2365-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2365-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928987?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-6055" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk15-h8qm-gfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74011?format=api", "vulnerability_id": "VCID-xqer-ndmy-gfgp", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94555", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.9457", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94582", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94586", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94613", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.15138", "scoring_system": "epss", "scoring_elements": "0.94615", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661102", "reference_id": "1661102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661102" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941", "reference_id": "916941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0059", "reference_id": "RHSA-2019:0059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0059" }, { "reference_url": "https://usn.ubuntu.com/3877-1/", "reference_id": "USN-3877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3877-1/" }, { "reference_url": "https://usn.ubuntu.com/4547-1/", "reference_id": "USN-4547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4547-1/" }, { "reference_url": "https://usn.ubuntu.com/4587-1/", "reference_id": "USN-4587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928990?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.11%252Bdfsg-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928983?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928981?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928985?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928984?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-81pq-5gvp-zfgw" }, { "vulnerability": "VCID-aphg-42c4-9yct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000450?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072636?format=api", "purl": "pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-15127" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqer-ndmy-gfgp" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-4%3Fdistro=trixie" }