) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:libvncserver_project:libvncserver:0.9.12
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-25708 |
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. Published: November 27, 2020; 1:15:11 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-14401 |
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. Published: June 17, 2020; 12:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
| CVE-2020-14400 |
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary Published: June 17, 2020; 12:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-14399 |
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed. Published: June 17, 2020; 12:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |