CVE Tools

libvncserver project

Communicationsoss-project

6

Cumulative CVEs

2

Monthly snapshots

#53

Peak rank

Top products

Latest CVEs

The 12 most recently published vulnerabilities affecting libvncserver project.

CVE-2026-32854LibVNCServer httpd proxy NULL Pointer Dereference7.5Mar 24, 2026
CVE-2026-32853LibVNCServer UltraZip Encoding Heap Out-of-bounds Read8.1Mar 24, 2026
CVE-2020-29260libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().7.5Sep 2, 2022
CVE-2020-25708A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a ...7.5Nov 27, 2020
CVE-2017-18922It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket ...9.8Jun 30, 2020
CVE-2020-14399An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.7.5Jun 17, 2020
CVE-2020-14400An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerab...7.5Jun 17, 2020
CVE-2020-14401An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.6.5Jun 17, 2020
CVE-2010-5304A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a spec...7.5Feb 5, 2020
CVE-2018-7225An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive...9.8Feb 19, 2018
CVE-2016-9942Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a c...9.8Dec 31, 2016
CVE-2016-9941Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via ...9.8Dec 31, 2016