ultravnc · threatengine.sh

CVE-2026-4962

>= 1.6.0.0 and <= 1.6.4.0

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library

7.0HIGH

CVE-2026-3787

all versions

A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of th

7.0HIGH

CVE-2020-37133

<= 1.2.4.0

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attacker

7.5HIGH

CVE-2020-37132

<= 1.2.4.0

UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local at

6.2MEDIUM

CVE-2022-24750

< 1.3.8.1

UltraVNC is a free and open source remote pc access software. A vulnerability has been found in versions prior to 1.3.8.0 in which

8.8HIGH

CVE-2019-8280

< 1.2.2.3

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code

9.8CRITICAL

CVE-2019-8277

< 1.2.2.3

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory

7.5HIGH

CVE-2019-8276

< 1.2.2.3

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which ca

7.5HIGH

CVE-2019-8275

< 1.2.2.3

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound dat

9.8CRITICAL

CVE-2019-8274

< 1.2.2.3

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can p

9.8CRITICAL

CVE-2019-8273

< 1.2.2.3

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can

9.8CRITICAL

CVE-2019-8272

< 1.2.2.3

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution.

9.8CRITICAL

CVE-2019-8271

< 1.2.2.3

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potenti

9.8CRITICAL

CVE-2019-8270

< 1.2.2.3

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of

7.5HIGH

CVE-2019-8269

< 1.2.2.3

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to

7.5HIGH

CVE-2019-8268

< 1.2.2.3

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnectio

9.8CRITICAL

CVE-2019-8267

< 1.2.2.3

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial o

7.5HIGH

CVE-2019-8266

< 1.2.2.3

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybu

9.8CRITICAL

CVE-2019-8265

< 1.2.2.3

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC c

9.8CRITICAL

CVE-2019-8264

< 1.2.2.3

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in

9.8CRITICAL

CVE-2019-8263

< 1.2.2.3

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads t

6.5MEDIUM

CVE-2019-8262

< 1.2.2.3

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in

9.8CRITICAL

CVE-2019-8261

< 1.2.2.3

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication ov

9.8CRITICAL

CVE-2019-8260

< 1.2.2.3

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. T

9.8CRITICAL

CVE-2019-8259

< 1.2.2.3

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory a

7.5HIGH

CVE-2019-8258

< 1.2.2.3

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appea

9.8CRITICAL

CVE-2018-15361

< 1.2.2.3

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. Th

9.8CRITICAL

CVE-2016-5673

<= 1201

UltraVNC Repeater before 1300 does not restrict destination IP addresses or TCP ports, which allows remote attackers to obtain ope

7.5HIGH

CVE-2010-5248

all versions

Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local users to gain privileges via a Trojan horse vnclang.dll file

CVE-2009-0388

all versions

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a deni

CVE-2008-5001

all versions

Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.

CVE-2008-0610

all versions

Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncvie

CVE-2006-2206

all versions

The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allow

CVE-2006-1652

all versions

Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remo

uvnc ultravnc