Lucene search
+L

531 matches found

nvd
nvd
added 2024/12/31 11:15 p.m.11 views

CVE-2024-56803

Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...

5.1CVSS0.00535EPSS
Exploits0References2
osv
osv
added 2024/12/31 11:15 p.m.6 views

UBUNTU-CVE-2024-56803

Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...

5.1CVSS5.8AI score0.00535EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/12/31 12:0 a.m.4 views

PT-2024-37077 · Ghostty · Ghostty

Name of the Vulnerable Software and Affected Versions: Ghostty version 1.0.0 Description: Ghostty is a cross-platform terminal emulator that allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal. This...

5.1CVSS8AI score0.00535EPSS
Exploits0References8
osv
osv
added 2024/07/12 11:8 a.m.4 views

OESA-2024-1828 vte291 security update

VTE provides a virtual terminal widget for GTK applications.VTE is mainly used in gnome-terminal, but can also be used to embed a console/terminal in games, editors, IDEs, etc. Security Fixes: GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window...

4.4CVSS6.8AI score0.00238EPSS
Exploits0References2
redos
redos
added 2024/07/04 12:0 a.m.16 views

ROS-20240704-03

Vulnerability in gnome Vte terminal is related to escape-sequence window resizing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

4.4CVSS6.6AI score0.00238EPSS
Exploits0
mscve
mscve
added 2024/06/30 2:0 p.m.6 views

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence a related issue to CVE-2000-0476.

...

5CVSS5.8AI score0.02525EPSS
Exploits1
nvd
nvd
added 2024/06/16 9:15 p.m.29 views

CVE-2024-38396

An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature enabled by default, allows an attacker to inject arbitrary code into the terminal, a different vulnerability than...

9.8CVSS0.01697EPSS
Exploits2References4
cvelist
cvelist
added 2024/06/16 12:0 a.m.24 views

CVE-2024-38396

An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature enabled by default, allows an attacker to inject arbitrary code into the terminal, a different vulnerability than...

0.01697EPSS
Exploits2References4
osv
osv
added 2024/06/14 5:30 p.m.10 views

MGASA-2024-0219 Updated vte packages fix security vulnerability

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476. CVE-2024-37535...

4.4CVSS4.4AI score0.00238EPSS
Exploits0References4
susecve
susecve
added 2024/06/11 2:5 a.m.4 views

SUSE CVE-2024-37535

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476...

7.5CVSS6.8AI score0.00238EPSS
Exploits0References7
nvd
nvd
added 2024/06/09 3:16 p.m.29 views

CVE-2024-37535

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476...

4.4CVSS0.00238EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2024/06/09 12:0 a.m.27 views

CVE-2024-37535

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476...

4.4CVSS6.1AI score0.00238EPSS
Exploits0References4
osv
osv
added 2024/06/09 12:0 a.m.28 views

CVE-2024-37535

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476...

4.4CVSS6.3AI score0.00238EPSS
Exploits0References6
cvelist
cvelist
added 2024/06/09 12:0 a.m.29 views

CVE-2024-37535

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476...

0.00238EPSS
Exploits0References4
cve
cve
added 2024/06/09 12:0 a.m.83 views

CVE-2024-37535

The vulnerability CVE-2024-37535 affects GNOME VTE, where versions prior to 0.76.3 mishandle a window resize escape sequence, allowing a denial of service through memory consumption. Documented across multiple advisories (ALAS, SUSE, Mariner, TencentOS, etc.) affecting the vte291 package lineage ...

4.4CVSS6.4AI score0.00238EPSS
Exploits0References4
osv
osv
added 2024/06/06 5:21 p.m.6 views

CLSA-2024-1717694505 glibc: Fix of 2 CVEs

CVE-2018-11236: fix stack buffer overflow when realpath input length is close to SSIZEMAX. - CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences...

9.8CVSS7.2AI score0.8833EPSS
Exploits16References1
nessus
nessus
added 2024/05/11 12:0 a.m.14 views

RHEL 6 : rubygems (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygems: Improper verification of signatures in tarball allows to install mis-signed gem CVE-2018-100007...

8AI score0.29442EPSS
Exploits5References13
bdu_fstec
bdu_fstec
added 2024/05/06 12:0 a.m.11 views

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver allows a hacker to trigger a service failure or replace the display on the screen.

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to remotely cause service failures or replace the display on the screen...

8.5CVSS6.5AI score0.00817EPSS
Exploits1References8Affected Software2
osv
osv
added 2024/05/05 7:15 p.m.3 views

UBUNTU-CVE-2024-34507

An issue was discovered in includes/CommentFormatter/CommentParser.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges%1b0000000...

7.4CVSS5.8AI score0.00674EPSS
Exploits1References5
nessus
nessus
added 2024/04/27 12:0 a.m.29 views

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2017:3485)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3485 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.7AI score0.29442EPSS
Exploits8References20
Rows per page
Query Builder