Search CVE reports
211 – 220 of 494 results
Some fixes available 8 of 24
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information...
5 affected packages
tightvnc, italc, libvncserver, ssvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| italc | Not in release | Not in release | Not in release | Fixed |
| libvncserver | Not affected | Not affected | Not affected | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable |
| x11vnc | Not affected | Not affected | Not affected | Not affected |
Some fixes available 8 of 24
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM
5 affected packages
italc, tightvnc, libvncserver, ssvnc, x11vnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| italc | Not in release | Not in release | Not in release | Fixed |
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Not affected | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable |
| x11vnc | Not affected | Not affected | Not affected | Not affected |
Some fixes available 8 of 24
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
5 affected packages
tightvnc, libvncserver, x11vnc, italc, ssvnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libvncserver | Not affected | Not affected | Not affected | Fixed |
| x11vnc | Not affected | Not affected | Not affected | Not affected |
| italc | Not in release | Not in release | Not in release | Fixed |
| ssvnc | Not affected | Not affected | Not affected | Vulnerable |
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially...
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Not affected |
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Fixed |
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Fixed |
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Fixed |
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Fixed |
Some fixes available 3 of 4
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the...
1 affected package
lighttpd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| lighttpd | — | Not affected | Not affected | Fixed |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
1 affected package
ghostscript
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | — | — | — | Fixed |