Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-4170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's...

9.8CVSS7.6AI score0.02058EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.16 views

openSUSE: Security Advisory for rxvt (openSUSE-SU-2023:0306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.17 views

openSUSE 15 Security Update : rxvt-unicode (openSUSE-SU-2023:0306-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0306-1 advisory. - The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to t...

9.8CVSS8.5AI score0.02058EPSS
Exploits0References4
OSV
OSV
added 2023/10/20 10:1 a.m.7 views

OPENSUSE-SU-2023:0306-1 Security update for rxvt-unicode

This update for rxvt-unicode fixes the following issues: - Update to version 9.31: CVE-2022-4170 boo1206069 - implement a fix for CVE-2022-4170 reported and analyzed by David Leadbeater. While present in version 9.30, it should not be exploitable. It is exploitable in versions 9.25 and 9.26, at...

9.8CVSS9.8AI score0.02058EPSS
Exploits0References3
Slackware Linux
Slackware Linux
added 2023/01/04 2:20 a.m.27 views

[slackware-security] rxvt-unicode

New rxvt-unicode packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rxvt-unicode-9.26-i586-3slack15.0.txz: Rebuilt. When the "background" extension was loaded, an attacker able to control the dat...

9.8CVSS0.1AI score0.02058EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/01/04 12:0 a.m.20 views

Slackware: Security Advisory (SSA:2023-003-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02058EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.33 views

Slackware Linux 15.0 / current rxvt-unicode Vulnerability (SSA:2023-003-02)

The version of rxvt-unicode installed on the remote host is prior to 9.26. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-003-02 advisory. - The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can contr...

9.8CVSS8.6AI score0.02058EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2022-0459)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.02058EPSS
Exploits0References4
OSV
OSV
added 2022/12/13 10:9 p.m.7 views

MGASA-2022-0459 Updated rxvt-unicode packages fix security vulnerability

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. CVE-2022-4170...

9.8CVSS9.5AI score0.02058EPSS
Exploits0References3
Mageia
Mageia
added 2022/12/13 10:9 p.m.40 views

Updated rxvt-unicode packages fix security vulnerability

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. CVE-2022-4170...

9.8CVSS2.9AI score0.02058EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/12/09 6:15 p.m.25 views

CVE-2022-4170

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set...

9.8CVSS7.4AI score0.02058EPSS
Exploits0References3
CVE
CVE
added 2022/12/09 12:0 a.m.108 views

CVE-2022-4170

The CVE-2022-4170 issue affects the rxvt-unicode terminal emulator, specifically the Perl background extension. The vulnerability allows remote code execution when an attacker can control data written to the user’s terminal and certain X resources/options are set. Multiple advisories (Gentoo GLSA...

9.8CVSS9.3AI score0.02058EPSS
Exploits0References3Affected Software1
FreeBSD
FreeBSD
added 2022/12/05 12:0 a.m.20 views

rxvt-unicode is vulnerable to a remote code execution

Marc Lehmann reports: The biggest issue is resolving CVE-2022-4170, which allows command execution inside urxvt from within the terminal that means anything that can output text in the terminal can start commands in the context of the urxvt process, even remotely...

9.8CVSS3.3AI score0.02058EPSS
Exploits0References1
Rows per page
Query Builder