Uvnc Ultravnc

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Uvnc Ultravnc.

By the Year

In 2026 there have been 4 vulnerabilities in Uvnc Ultravnc with an average score of 6.1 out of ten. Ultravnc did not have any published security vulnerabilities last year. That is, 4 more vulnerabilities have already been reported in 2026 as compared to last year.

Year	Vulnerabilities	Average Score
2026	4	6.10
2025	0	0.00
2024	0	0.00
2023	0	0.00
2022	1	7.80
2021	0	0.00
2020	0	0.00
2019	22	0.00

It may take a day or so for new Ultravnc vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Uvnc Ultravnc Security Vulnerabilities

Buffer Overflow in UltraVNC Launcher 1.2.2.4's vncviewer.exe Path property causes DoS
CVE-2019-25601 6.2 - Medium - March 22, 2026

UltraVNC Launcher 1.2.2.4 contains a buffer overflow vulnerability in the Path vncviewer.exe property field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 300-byte payload of repeated characters through the Properties dialog to trigger a denial of service condition.

Memory Corruption

UltraVNC Viewer 1.2.2.4 DoS via Buffer Overflow in VNC Server field
CVE-2019-25600 6.5 - Medium - March 22, 2026

UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer.

Memory Corruption

PCHelpWareV2 1.0.0.5 local DOS via Group field buffer overflow
CVE-2019-25564 5.5 - Medium - March 21, 2026

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash.

Memory Corruption

PCHelpWareV2 1.0.0.5 DOS via malformed BMP in Create SC
CVE-2019-25563 6.2 - Medium - March 21, 2026

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the application to crash.

Sensitive Information in Resource Not Removed Before Reuse

UltraVNC is a free and open source remote pc access software
CVE-2022-24750 7.8 - High - March 10, 2022

UltraVNC is a free and open source remote pc access software. A vulnerability has been found in versions prior to 1.3.8.0 in which the DSM plugin module, which allows a local authenticated user to achieve local privilege escalation (LPE) on a vulnerable system. The vulnerability has been fixed to allow loading of plugins from the installed directory. Affected users should upgrade their UltraVNC to 1.3.8.1. Users unable to upgrade should not install and run UltraVNC server as a service. It is advisable to create a scheduled task on a low privilege account to launch WinVNC.exe instead. There are no known workarounds if winvnc needs to be started as a service.

Improper Privilege Management

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler
CVE-2019-8271 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Heap-based Buffer Overflow

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution
CVE-2019-8280 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.

Access of Memory Location After End of Buffer

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which
CVE-2019-8277 - March 08, 2019

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

Improper Initialization

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler
CVE-2019-8276 - March 08, 2019

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Stack Overflow

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code
CVE-2019-8275 - March 08, 2019

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

Improper Null Termination

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler
CVE-2019-8274 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Heap-based Buffer Overflow

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler
CVE-2019-8273 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Heap-based Buffer Overflow

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution
CVE-2019-8272 - March 08, 2019

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

off-by-five

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder
CVE-2019-8270 - March 08, 2019

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211.

Out-of-bounds Read

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module
CVE-2019-8269 - March 08, 2019

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207.

Stack Overflow

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function
CVE-2019-8268 - March 08, 2019

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.

off-by-five

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module
CVE-2019-8267 - March 08, 2019

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module, which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.

Out-of-bounds Read

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code
CVE-2019-8266 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208.

Access of Memory Location After End of Buffer

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code
CVE-2019-8265 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.

Access of Memory Location After End of Buffer

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder
CVE-2019-8264 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204.

Access of Memory Location After End of Buffer

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution
CVE-2019-8258 - March 05, 2019

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

Heap-based Buffer Overflow

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution
CVE-2018-15361 - March 05, 2019

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

buffer underrun

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine
CVE-2019-8263 - March 05, 2019

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206.

Stack Overflow

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder
CVE-2019-8262 - March 05, 2019

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

Heap-based Buffer Overflow

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow
CVE-2019-8261 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

Out-of-bounds Read

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow
CVE-2019-8260 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

Out-of-bounds Read

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which
CVE-2019-8259 - March 05, 2019

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199.

Improper Initialization

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Uvnc Ultravnc or by Uvnc? Click the Watch button to subscribe.

Uvnc
Vendor

Uvnc Ultravnc
Product

Uvnc Ultravnc

Don't miss out!

By the Year

Recent Uvnc Ultravnc Security Vulnerabilities

Buffer Overflow in UltraVNC Launcher 1.2.2.4's vncviewer.exe Path property causes DoS CVE-2019-25601 6.2 - Medium - March 22, 2026

UltraVNC Viewer 1.2.2.4 DoS via Buffer Overflow in VNC Server field CVE-2019-25600 6.5 - Medium - March 22, 2026

PCHelpWareV2 1.0.0.5 local DOS via Group field buffer overflow CVE-2019-25564 5.5 - Medium - March 21, 2026

PCHelpWareV2 1.0.0.5 DOS via malformed BMP in Create SC CVE-2019-25563 6.2 - Medium - March 21, 2026

UltraVNC is a free and open source remote pc access software CVE-2022-24750 7.8 - High - March 10, 2022

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler CVE-2019-8271 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution CVE-2019-8280 - March 08, 2019

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which CVE-2019-8277 - March 08, 2019

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler CVE-2019-8276 - March 08, 2019

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code CVE-2019-8275 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler CVE-2019-8274 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler CVE-2019-8273 - March 08, 2019

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution CVE-2019-8272 - March 08, 2019

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder CVE-2019-8270 - March 08, 2019

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module CVE-2019-8269 - March 08, 2019

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function CVE-2019-8268 - March 08, 2019

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module CVE-2019-8267 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code CVE-2019-8266 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code CVE-2019-8265 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder CVE-2019-8264 - March 08, 2019

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution CVE-2019-8258 - March 05, 2019

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution CVE-2018-15361 - March 05, 2019

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine CVE-2019-8263 - March 05, 2019

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder CVE-2019-8262 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow CVE-2019-8261 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow CVE-2019-8260 - March 05, 2019

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which CVE-2019-8259 - March 05, 2019

Stay on top of Security Vulnerabilities

Uvnc Vendor

Uvnc UltravncProduct

Buffer Overflow in UltraVNC Launcher 1.2.2.4's vncviewer.exe Path property causes DoS
CVE-2019-25601 6.2 - Medium - March 22, 2026

UltraVNC Viewer 1.2.2.4 DoS via Buffer Overflow in VNC Server field
CVE-2019-25600 6.5 - Medium - March 22, 2026

PCHelpWareV2 1.0.0.5 local DOS via Group field buffer overflow
CVE-2019-25564 5.5 - Medium - March 21, 2026

PCHelpWareV2 1.0.0.5 DOS via malformed BMP in Create SC
CVE-2019-25563 6.2 - Medium - March 21, 2026

UltraVNC is a free and open source remote pc access software
CVE-2022-24750 7.8 - High - March 10, 2022

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler
CVE-2019-8271 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution
CVE-2019-8280 - March 08, 2019

UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which
CVE-2019-8277 - March 08, 2019

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler
CVE-2019-8276 - March 08, 2019

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code
CVE-2019-8275 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler
CVE-2019-8274 - March 08, 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler
CVE-2019-8273 - March 08, 2019

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution
CVE-2019-8272 - March 08, 2019

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder
CVE-2019-8270 - March 08, 2019

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module
CVE-2019-8269 - March 08, 2019

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function
CVE-2019-8268 - March 08, 2019

UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module
CVE-2019-8267 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code
CVE-2019-8266 - March 08, 2019

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code
CVE-2019-8265 - March 08, 2019

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder
CVE-2019-8264 - March 08, 2019

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution
CVE-2019-8258 - March 05, 2019

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution
CVE-2018-15361 - March 05, 2019

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine
CVE-2019-8263 - March 05, 2019

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder
CVE-2019-8262 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow
CVE-2019-8261 - March 05, 2019

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow
CVE-2019-8260 - March 05, 2019

UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which
CVE-2019-8259 - March 05, 2019

Uvnc
Vendor

Uvnc Ultravnc
Product