Pierre Ossman

9 exploits Active since Dec 2019
CVE-2020-26117 WRITEUP HIGH WRITEUP
TigerVNC < 1.11.0 - Improper Certificate Validation
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
CVSS 8.1
CVE-2021-29390 WRITEUP HIGH WRITEUP
libjpeg-turbo 2.0.90 - Heap-Based Buffer Over-Read in jdcoefct.c
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
CVSS 7.1
CVE-2026-34352 WRITEUP HIGH WRITEUP
TigerVNC <1.16.2 - Privilege Escalation
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
CVSS 8.5
CVE-2019-15691 WRITEUP HIGH WRITEUP
TigerVNC < 1.10.1 - Use-After-Free in ZRLEDecoder
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
CVSS 7.2
CVE-2019-15692 WRITEUP HIGH WRITEUP
TigerVNC < 1.10.1 - Heap-based Buffer Overflow in CopyRectDecoder
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
CVSS 7.2
CVE-2019-15693 WRITEUP HIGH WRITEUP
TigerVNC < 1.10.1 - Heap-based Buffer Overflow in TightDecoder::FilterGradient
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
CVSS 7.2
CVE-2019-15694 WRITEUP HIGH WRITEUP
TigerVNC < 1.10.1 - Heap-based Buffer Overflow in DecodeManager::decodeRect
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
CVSS 7.2
CVE-2019-15695 WRITEUP HIGH WRITEUP
TigerVNC < 1.10.1 - Remote Code Execution via PixelFormat Buffer Overflow
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
CVSS 7.2
CVE-2020-26117 WRITEUP HIGH WRITEUP
TigerVNC < 1.11.0 - Improper Certificate Validation
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
CVSS 8.1