Researchers found 37 security vulnerabilities impacting four open-source Virtual Network Computing (VNC) implementations. The flaws were found in LibVNC, TightVNC 1.X, TurboVNC and UltraVNC VNC solutions examined by Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) security researcher Pavel Cheremushkin. Attacks exploiting them can lead to denial of service states, malfunctions, as well as unauthorized access to the users’ info and the option to run malicious code on a target’s device.
Source: https://www.bleepingcomputer.com/news/security/dozens-of-vnc-vulnerabilities-found-in-linux-windows-solutions/