VYPR

rpm package

suse/LibVNCServer&distro=SUSE Linux Enterprise Server 16.0

pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%2016.0

Vulnerabilities (3)

  • CVE-2026-44988HigMay 27, 2026
    affected < 0.9.14-160000.5.1fixed 0.9.14-160000.5.1

    LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A ma

  • CVE-2026-32854Mar 24, 2026
    affected < 0.9.14-160000.4.1fixed 0.9.14-160000.4.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. A

  • CVE-2026-32853Mar 24, 2026
    affected < 0.9.14-160000.4.1fixed 0.9.14-160000.4.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checkin