{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T20:52:02.388","vulnerabilities":[{"cve":{"id":"CVE-2018-15127","sourceIdentifier":"vulnerability@kaspersky.com","published":"2018-12-19T16:29:00.297","lastModified":"2024-11-21T03:50:21.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution"},{"lang":"es","value":"LibVNC antes del commit con ID 502821828ed00b4a2c4bef90683d0fd88ce495de contiene una vulnerabilidad de escritura de memoria dinámica (heap) fuera de límites en el código del servidor de la extensión de transferencia de archivos que puede resultar en la ejecución remota de código."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*","versionEndExcluding":"0.9.12","matchCriteriaId":"DEF1BF44-78B8-44E3-9A5A-29AB8111322B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","matchCriteriaId":"07C312A0-CD2C-4B9C-B064-6409B25C278F"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"BF77CDCF-B9C9-427D-B2BF-36650FB2148C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2019:0059","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html","source":"vulnerability@kaspersky.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html","source":"vulnerability@kaspersky.com"},{"url":"https://usn.ubuntu.com/3877-1/","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4547-1/","source":"vulnerability@kaspersky.com"},{"url":"https://usn.ubuntu.com/4587-1/","source":"vulnerability@kaspersky.com"},{"url":"https://www.debian.org/security/2019/dsa-4383","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0059","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://usn.ubuntu.com/3877-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4547-1/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://usn.ubuntu.com/4587-1/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.debian.org/security/2019/dsa-4383","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}