Shodan
Vulnerabilities
Vulnerable Software
Canonical:  >> Ubuntu Linux  >> 18.04  Security Vulnerabilities
CVE-2020-14404
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.013
Published
2020-06-17
CVE-2020-14405
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
CVSS Score
6.5
EPSS Score
0.014
Published
2020-06-17
CVE-2018-21247
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
CVSS Score
7.5
EPSS Score
0.015
Published
2020-06-17
CVE-2019-20839
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
CVSS Score
7.5
EPSS Score
0.041
Published
2020-06-17
CVE-2019-20840
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
CVSS Score
7.5
EPSS Score
0.02
Published
2020-06-17
CVE-2020-14396
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.016
Published
2020-06-17
CVE-2020-14397
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.044
Published
2020-06-17
CVE-2020-14398
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
CVSS Score
7.5
EPSS Score
0.023
Published
2020-06-17
CVE-2020-14399
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
CVSS Score
7.5
EPSS Score
0.025
Published
2020-06-17
CVE-2020-14400
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
CVSS Score
7.5
EPSS Score
0.025
Published
2020-06-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved