Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 22 results


CVE-2020-29260

Low priority
Needs evaluation

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Needs evaluation Needs evaluation
libvncserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
vino Not affected Not affected Not affected Not affected Not affected
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-25708

Medium priority

Some fixes available 15 of 53

A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception,...

6 affected packages

italc, libvncserver, tightvnc, veyon, vino, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Needs evaluation Needs evaluation
libvncserver Not affected Not affected Fixed Fixed Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-15681

Low priority

Some fixes available 18 of 76

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another...

7 affected packages

italc, krfb, libvncserver, tightvnc, veyon...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
krfb Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libvncserver Not affected Not affected Not affected Fixed Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Fixed Fixed Fixed Fixed Fixed
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2018-20750

Medium priority

Some fixes available 6 of 7

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

3 affected packages

italc, libvncserver, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Fixed Fixed
libvncserver Not affected Fixed Fixed
x11vnc Not affected Not affected Not affected
Show less packages

CVE-2018-20749

Medium priority

Some fixes available 6 of 7

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

3 affected packages

italc, libvncserver, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Fixed Fixed
libvncserver Not affected Fixed Fixed
x11vnc Not affected Not affected Not affected
Show less packages

CVE-2018-20748

Medium priority

Some fixes available 7 of 20

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

4 affected packages

italc, libvncserver, tightvnc, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
libvncserver Not affected Not affected Not affected Fixed Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-20024

Medium priority

Some fixes available 7 of 9

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.

4 affected packages

italc, libvncserver, ssvnc, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
libvncserver Not affected Not affected Not affected Fixed Fixed
ssvnc Not affected Not affected Not affected Vulnerable Fixed
x11vnc Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-20023

Medium priority

Some fixes available 6 of 7

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure....

3 affected packages

italc, libvncserver, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Fixed Fixed
libvncserver Not affected Fixed Fixed
x11vnc Not affected Not affected Not affected
Show less packages

CVE-2018-20022

Medium priority

Some fixes available 8 of 22

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information...

5 affected packages

italc, libvncserver, ssvnc, tightvnc, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
libvncserver Not affected Not affected Not affected Fixed Fixed
ssvnc Not affected Not affected Not affected Vulnerable Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-20021

Medium priority

Some fixes available 8 of 22

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

5 affected packages

italc, libvncserver, ssvnc, tightvnc, x11vnc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
italc Not in release Not in release Not in release Fixed Fixed
libvncserver Not affected Not affected Not affected Fixed Fixed
ssvnc Not affected Not affected Not affected Vulnerable Fixed
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Not affected Not affected Not affected Not affected Not affected
Show less packages