VYPR

rpm package

suse/LibVNCServer&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (3)

  • CVE-2026-44988HigMay 27, 2026
    affected < 0.9.9-17.47.1fixed 0.9.9-17.47.1

    LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A ma

  • CVE-2026-32854Mar 24, 2026
    affected < 0.9.9-17.44.1fixed 0.9.9-17.44.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. A

  • CVE-2026-32853Mar 24, 2026
    affected < 0.9.9-17.44.1fixed 0.9.9-17.44.1

    LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checkin