vulnerability
Oracle Linux: CVE-2019-15692: ELSA-2020-1497: tigervnc security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Sep 10, 2019 | Oct 7, 2020 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Sep 10, 2019
Added
Oct 7, 2020
Modified
Dec 3, 2025
Description
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
Solutions
oracle-linux-upgrade-tigervncoracle-linux-upgrade-tigervnc-iconsoracle-linux-upgrade-tigervnc-licenseoracle-linux-upgrade-tigervnc-serveroracle-linux-upgrade-tigervnc-server-appletoracle-linux-upgrade-tigervnc-server-minimaloracle-linux-upgrade-tigervnc-server-module
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.