VDB

CVE-2019-15680

CVE-2019-15680 PUBLISHED

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

EPSS 0.73% · 73.1th percentile

Risk Scores

EPSS Score
0.73%
73.1th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSssvnc1.0.29-3build1, 0, 1.0.29-3
Ubuntu:24.04:LTSvncsnapshot0, 1.2a-5.2
Ubuntu:25.10tightvnc1:1.3.10-9, 1:1.3.10-10, 0
Ubuntu:22.04:LTSvncsnapshot*, 0
Ubuntu:22.04:LTSveyon0, 4.5.3+repack1-1build2, 4.5.3+repack1-1build1
Ubuntu:18.04:LTSvncsnapshot0, 1.2a-5.1, 1.2a-5.1build1
Ubuntu:24.04:LTSssvnc0, 1.0.29-6, 1.0.29-6ubuntu1
Ubuntu:22.04:LTSssvnc1.0.29-6, 0, 1.0.29-5
Ubuntu:20.04:LTSveyon4.2.4+repack1-2, 4.2.5+repack1-1, 4.3.1+repack1-1
Ubuntu:25.10ssvnc0, 1.0.29-7, 1.0.29-6.1
Ubuntu:Pro:14.04:LTStightvnc1.3.9-6.4ubuntu1, 1.3.9-6.4, 0
Ubuntu:16.04:LTSvncsnapshot1.2a-5.1, 0
Ubuntu:25.10vncsnapshot0, 1.2a-6, 1.2a-7
Ubuntu:25.10veyon0, *, *
Ubuntu:18.04:LTStightvnc1.3.10-0ubuntu3, 0, 1.3.10-0ubuntu4
Ubuntu:20.04:LTSvncsnapshot0, 1.2a-5.1build1, 1.2a-5.1build2
Ubuntu:16.04:LTStightvnc0, 1.3.10-0ubuntu2, 1.3.10-0ubuntu3
Ubuntu:22.04:LTStightvnc0, 1:1.3.10-5, 1:1.3.10-3
Ubuntu:16.04:LTSssvnc1.0.29-2+deb8u1build0.16.04.1, 0, 1.0.29-2build1
Ubuntu:20.04:LTSssvnc1.0.29-4build1, 0, 1.0.29-5

…and 7 more

Timeline

  • Oct 29, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›