Lucene search
+L

586 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.3 views

SUSE CVE-2003-0063

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...

7.5CVSS7.5AI score0.03403EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

9.3CVSS8.3AI score0.0747EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-2797

xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals...

2.1CVSS6.7AI score0.00399EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.5 views

SUSE CVE-2008-2383

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071...

9.3CVSS8.3AI score0.04974EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-27135

xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining character sequence...

7.5CVSS7.9AI score0.07541EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-24130

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text...

5.5CVSS7.4AI score0.01694EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-45063

xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions...

8.8CVSS7.8AI score0.04949EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/02/02 12:0 a.m.33 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xterm (SUSE-SU-2023:0221-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0221-1 advisory. - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc120530...

9.8CVSS7.8AI score0.04949EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/02/02 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2023:0221-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.04949EPSS
Exploits1References4
OSV
OSV
added 2023/02/01 8:34 a.m.5 views

SUSE-SU-2023:0221-1 Security update for xterm

This update for xterm fixes the following issues: - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305...

9.8CVSS9.8AI score0.04949EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/01/27 12:0 a.m.33 views

SUSE SLES15 Security Update : xterm (SUSE-SU-2023:0173-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0173-1 advisory. - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305. Tenable has extracted the...

9.8CVSS7.8AI score0.04949EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2023:0173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.04949EPSS
Exploits1References4
OSV
OSV
added 2023/01/26 5:34 p.m.7 views

SUSE-SU-2023:0173-1 Security update for xterm

This update for xterm fixes the following issues: - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305...

9.8CVSS9.8AI score0.04949EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.18 views

Fedora 35 : xterm (2022-8cf76a9ceb)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8cf76a9ceb advisory. Rebase to version 375 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

9.8CVSS8.1AI score0.04949EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.35 views

Fedora 36 : xterm (2022-681bbe67b6)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-681bbe67b6 advisory. Rebase to version 375 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

9.8CVSS8.1AI score0.04949EPSS
Exploits1References2
Prion
Prion
added 2022/12/02 11:15 p.m.31 views

Design/Logic Flaw

SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...

4.4CVSS7.8AI score0.0043EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/12/02 10:53 p.m.27 views

CVE-2022-23465 SwiftTerm vulnerable to arbitrary command execution

SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...

7.1CVSS8AI score0.0043EPSS
Exploits0References2
CVE
CVE
added 2022/12/02 10:53 p.m.106 views

CVE-2022-23465

SwiftTerm (Xterm/VT100 terminal emulator) contains a vulnerability where an attacker could modify the window title via a specific escape sequence and then re-insert it into the user’s terminal to execute arbitrary commands. The issue is addressed in commit a94e6b24d24ce9680ad79884992e1dff8e150a31...

7.8CVSS7.4AI score0.0043EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/12/02 10:53 p.m.29 views

CVE-2022-23465 SwiftTerm vulnerable to arbitrary command execution

SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...

7.1CVSS7.7AI score0.0043EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/11/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2022-0441)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.04949EPSS
Exploits1References5
Rows per page
Query Builder