Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-1775 5.8
The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle attackers to spoof a TLS VNC server via an ar
13-02-2023 - 00:17 26-05-2011 - 18:55
CVE-2019-15695 6.5
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from
16-10-2020 - 20:00 26-12-2019 - 16:15
CVE-2017-7396 5.0
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
03-10-2019 - 00:03 01-04-2017 - 02:59
CVE-2015-9262 7.5
_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.
16-04-2019 - 19:08 01-08-2018 - 23:29
CVE-2017-5581 6.8
Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries.
05-01-2018 - 02:31 28-02-2017 - 18:59
CVE-2014-8241 7.5
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.
20-12-2016 - 02:59 14-12-2016 - 22:59
Back to Top Mark selected
Back to Top