VNC : Security Vulnerabilities, CVEs,
CVE-2006-2369
Public exploit
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
Max CVSS
7.5
EPSS Score
97.20%
Published
2006-05-15
Updated
2022-05-13
RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900.
Max CVSS
5.0
EPSS Score
1.22%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found