Search for packages
| purl | pkg:deb/debian/libvncserver@0.9.11%2Bdfsg-1.3%2Bdeb10u4 |
| Next non-vulnerable version | 0.9.15+dfsg-1+deb13u1 |
| Latest non-vulnerable version | 0.9.15+dfsg-3 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6w3g-x86a-sfbj
Aliases: CVE-2020-14402 |
libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings |
Affected by 2 other vulnerabilities. |
|
VCID-7taj-t1kg-h3a9
Aliases: CVE-2020-25708 |
libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS |
Affected by 2 other vulnerabilities. |
|
VCID-9eyh-gzse-8qdk
Aliases: CVE-2020-14401 |
libvncserver: libvncserver/scale.c has a pixel_value integer overflow |
Affected by 2 other vulnerabilities. |
|
VCID-d3c1-uv78-a7cj
Aliases: CVE-2020-14404 |
libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings |
Affected by 2 other vulnerabilities. |
|
VCID-dmax-ew5t-4fg4
Aliases: CVE-2020-14396 |
libvncserver: libvncclient/tls_openssl.c has a NULL pointer dereference |
Affected by 2 other vulnerabilities. |
|
VCID-dzex-yhec-uydq
Aliases: CVE-2017-18922 |
libvncserver: websocket decoding buffer overflow |
Affected by 2 other vulnerabilities. |
|
VCID-j4kf-j3t8-fbfb
Aliases: CVE-2020-14398 |
libvncserver: an improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c |
Affected by 2 other vulnerabilities. |
|
VCID-kzk2-vaa2-6bfa
Aliases: CVE-2020-14399 |
libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c |
Affected by 2 other vulnerabilities. |
|
VCID-nxh7-7s8e-g3ec
Aliases: CVE-2020-14403 |
libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings |
Affected by 2 other vulnerabilities. |
|
VCID-q3t7-3yq6-gkan
Aliases: CVE-2019-20840 |
libvncserver: unaligned accesses in hybiReadAndDecode can lead to a crash |
Affected by 2 other vulnerabilities. |
|
VCID-q4eg-8ph7-nfer
Aliases: CVE-2019-15681 |
libvncserver: information disclosure and ASLR bypass |
Affected by 2 other vulnerabilities. |
|
VCID-qde7-y8q2-2bgq
Aliases: CVE-2019-15690 |
libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow |
Affected by 2 other vulnerabilities. |
|
VCID-qfyp-1xhm-13au
Aliases: CVE-2020-14397 |
libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference |
Affected by 2 other vulnerabilities. |
|
VCID-sgkq-a36z-gyfp
Aliases: CVE-2019-20839 |
libvncserver: buffer overflow in ConnectClientToUnixSock() |
Affected by 2 other vulnerabilities. |
|
VCID-tj14-ykx8-qqgn
Aliases: CVE-2019-20788 |
libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function |
Affected by 2 other vulnerabilities. |
|
VCID-tnzy-mktx-e7fm
Aliases: CVE-2020-29260 |
libvncserver: a memory leak via the function rfbClientCleanup() may lead to a DoS |
Affected by 2 other vulnerabilities. |
|
VCID-wzpf-4nu7-xyc6
Aliases: CVE-2020-14405 |
libvncserver: libvncclient/rfbproto.c does not limit TextChat size |
Affected by 2 other vulnerabilities. |
|
VCID-x78k-5wm4-kkaj
Aliases: CVE-2020-14400 |
libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-p9tk-fn6b-cbbv | libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019) |
CVE-2018-20748
|
| VCID-qukp-tx5e-6yhe | libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127) |
CVE-2018-20750
|
| VCID-v7mt-jtes-h3bz | libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127) |
CVE-2018-20749
|