Libvncserver - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Libvncserver
(Libvnc_project)

Repositories	https://github.com/LibVNC/libvncserver
#Vulnerabilities	24

Date	Id	Summary	Products	Score	Patch	Annotated
2020-06-17	CVE-2020-14396	An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2020-06-17	CVE-2020-14397	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.	Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2020-06-17	CVE-2020-14398	An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.	Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2020-06-17	CVE-2020-14402	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	5.4
2020-06-17	CVE-2020-14403	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	5.4
2020-06-17	CVE-2020-14404	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	5.4
2020-06-17	CVE-2020-14405	An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	6.5
2020-06-17	CVE-2018-21247	An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.	Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2020-06-17	CVE-2019-20839	libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.	Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2020-06-17	CVE-2019-20840	An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.	Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5