| CVE-2026-4962 |
BDSA-2026-5703 |
High |
Mar 27, 2026 |
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the c
more...
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
less...
|
1.6.4.0, 1.6.1.0, 1.6.0.0
|
| CVE-2026-3787 |
BDSA-2026-3650 |
High |
Mar 08, 2026 |
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows S
more...
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
less...
|
1.6.4.0
|
| BDSA-2020-4953 |
|
Low |
Feb 16, 2026 |
UltraVNC Launcher is vulnerable to denial-of-service (DoS) due to improper handling of input in the `Repeater Host` configuration field. An attacker co
more...
UltraVNC Launcher is vulnerable to denial-of-service (DoS) due to improper handling of input in the `Repeater Host` configuration field. An attacker could trick a victim user into crashing the application by pasting an overly long string into the affected field.
less...
|
|
| BDSA-2020-4952 |
|
Low |
Feb 16, 2026 |
UltraVNC Launcher is vulnerable to denial-of-service (DoS) due to improper handling of input in the password configuration properties. An attacker coul
more...
UltraVNC Launcher is vulnerable to denial-of-service (DoS) due to improper handling of input in the password configuration properties. An attacker could trick a victim user into crashing the application by pasting an overly long string into the password field.
less...
|
|
