586 matches found
SUSE CVE-2003-0063
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...
SUSE CVE-2006-7236
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...
SUSE CVE-2007-2797
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals...
SUSE CVE-2008-2383
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071...
SUSE CVE-2021-27135
xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining character sequence...
SUSE CVE-2022-24130
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text...
SUSE CVE-2022-45063
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xterm (SUSE-SU-2023:0221-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0221-1 advisory. - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc120530...
SUSE: Security Advisory (SUSE-SU-2023:0221-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:0221-1 Security update for xterm
This update for xterm fixes the following issues: - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305...
SUSE SLES15 Security Update : xterm (SUSE-SU-2023:0173-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0173-1 advisory. - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305. Tenable has extracted the...
SUSE: Security Advisory (SUSE-SU-2023:0173-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:0173-1 Security update for xterm
This update for xterm fixes the following issues: - CVE-2022-45063: Fixed an arbitrary code execution issue under configurations using vi and zsh bsc1205305...
Fedora 35 : xterm (2022-8cf76a9ceb)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8cf76a9ceb advisory. Rebase to version 375 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Fedora 36 : xterm (2022-681bbe67b6)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-681bbe67b6 advisory. Rebase to version 375 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Design/Logic Flaw
SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...
CVE-2022-23465 SwiftTerm vulnerable to arbitrary command execution
SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...
CVE-2022-23465
SwiftTerm (Xterm/VT100 terminal emulator) contains a vulnerability where an attacker could modify the window title via a specific escape sequence and then re-insert it into the user’s terminal to execute arbitrary commands. The issue is addressed in commit a94e6b24d24ce9680ad79884992e1dff8e150a31...
CVE-2022-23465 SwiftTerm vulnerable to arbitrary command execution
SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24d24ce9680ad79884992e1dff8e150a31, an attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing...
Mageia: Security Advisory (MGASA-2022-0441)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...