VYPR

rpm package

opensuse/LibVNCServer&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/LibVNCServer&distro=openSUSE%20Leap%2016.0

Vulnerabilities (2)

  • CVE-2026-32854Mar 24, 2026
    affected < 0.9.14-160000.4.1fixed 0.9.14-160000.4.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. A

  • CVE-2026-32853Mar 24, 2026
    affected < 0.9.14-160000.4.1fixed 0.9.14-160000.4.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checkin