VYPR

Vnc

by Att

CVEs (2)

  • CVE-2022-25227May 20, 2022
    risk 0.00cvss epss 0.01

    Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an 'ID' that can be used to send websocket requests and achieve RCE.

  • CVE-2002-1511Mar 3, 2003
    risk 0.00cvss epss 0.02

    The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.