Ultravnc
This hub aggregates every CVE we track for Ultravnc, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
Security Productsdesktop app
32
CVEs tracked
19
Critical
10
High
0
In CISA KEV
Severity distribution
CRITICAL19HIGH10MEDIUM3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Ultravnc.
- CVE-2026-4962UltraVNC Service version.dll uncontrolled search path7.0
- CVE-2026-3787UltraVNC Windows Service cryptbase.dll uncontrolled search path7.0
- CVE-2020-37133UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service7.5
- CVE-2020-37132UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service6.2
- CVE-2022-24750Low privilege user is able to exploit the service and gain SYSTEM privileges in UltraVNC server8.8
- CVE-2019-8267UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable vi...7.5
- CVE-2019-8272UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. Th...9.8
- CVE-2019-8268UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution...9.8
- CVE-2019-8280UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connect...9.8
- CVE-2019-8277UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another...7.5
- CVE-2019-8275UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploit...9.8
- CVE-2019-8273UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be ex...9.8
- CVE-2019-8271UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable v...9.8
- CVE-2019-8265UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This at...9.8
- CVE-2019-8264UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network ...9.8
Product normalization is registry-driven with AI assist and human review. How it works