36 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-17595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. CVE-2019-17595 Note...
NewStart CGSL MAIN 6.02 : ncurses Multiple Vulnerabilities (NS-SA-2024-0057)
The remote NewStart CGSL host, running version MAIN 6.02, has ncurses packages installed that are affected by multiple vulnerabilities: - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. CVE-2019-17594 -...
CentOS 9 : ncurses-6.2-8.20210508.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ncurses-6.2-8.20210508.el9 build changelog. - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before...
Amazon Linux 2 : ncurses (ALAS-2024-2412)
The version of ncurses installed on the remote host is prior to 6.0-8.20170212. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2412 advisory. There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in...
Rocky Linux 8 : ncurses (RLSA-2021:4426)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4426 advisory. - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012...
Ubuntu: Security Advisory (USN-6099-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6099-1: ncurses vulnerabilities
It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-17594 It was discovered that...
Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is vulnerable to sensitive information exposure due to GNU ncurses (CVE-2019-17595, CVE-2019-17594)
Summary IBM Sterling Connect:Direct for UNIX Certified Container bundles ncurses as third party packages in its container image which has the vulnerability where attacker can obtain sensitive information. This fix updates ncurses to 6.1-9.20180224.el8. Vulnerability Details CVEID:CVE-2019-17595...
AlmaLinux 8 : ncurses (ALSA-2021:4426)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4426 advisory. - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012...
Mageia: Security Advisory (MGASA-2019-0387)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : ncurses (ELSA-2021-4426)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4426 advisory. - fix buffer overflow in terminfo entry hashtable CVE-2019-17594 Tenable has extracted the preceding description block directly from the Oracle Linux...
ALSA-2021:4426 Moderate: ncurses security update
The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...
ncurses security update
An update is available for ncurses. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ncurses new curses library routines are a terminal-independent method of...
Advisory ROSA-SA-2021-1927
Software: ncurses 5.9 OS: Cobalt 7.9 CVE-ID: CVE-2019-15547 CVE-Crit: HIGH CVE-DESC: An issue has been discovered in the ncurses box prior to version 5.99.0 for Rust. The printw functions have format string problems due to improper handling of C format arguments. CVE-STATUS: default CVE-REV:...
SUSE: Security Advisory (SUSE-SU-2019:3094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202101-28 : ncurses: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202101-28 ncurses: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ncurses. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2020-2207)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : ncurses (EulerOS-SA-2020-2207)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is an infinite loop in the nextchar function in compscan.c in ncurses 6.0, related to libtic. A crafted input will lead to...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2020-1732)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2020-1732)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before...