CVE-2019-8268

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.

Publication date: Sat, 09 Mar 2019 05:29:00 +0000

Cyber News related to CVE-2019-8268

CVE-2019-8268 - UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network ...
4 years ago

CVE-2014-8268 - QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request. ...
10 years ago

CVE-2015-8268 - The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors. ...
8 years ago

CVE-2017-8268 - In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. ...
1 year ago

CVE-2020-8268 - Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor. ...
4 years ago

CVE-2016-8268 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none ...
55 years ago Tenable.com

CVE-2019-1015 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1016 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0977 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-1009, ...
5 years ago

CVE-2019-1013 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1046 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1050 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1049 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1048 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1047 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1010 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1011 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1012 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1009 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0968 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0977, CVE-2019-1009, ...
4 years ago

CVE-2019-18299 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18298 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18291 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18292 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18294 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

Latest Cyber News

Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 8 minutes ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 16 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 3 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 3 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 3 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 4 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 7 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
CVE-2025-1207 - 10 hours ago
CVE-2025-0556 - 10 hours ago
CVE-2025-1206 - 11 hours ago
CVE-2025-1212 - 11 hours ago
CVE-2025-1244 - 11 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 8 minutes ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 16 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 3 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 3 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 3 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 4 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 7 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
CVE-2023-40721 - 1 day ago
CVE-2024-12755 - 1 day ago
CVE-2024-12756 - 1 day ago
CVE-2024-27780 - 1 day ago
CVE-2024-27781 - 1 day ago