Lucene search
+L

120 matches found

CNNVD
CNNVD
added 2023/10/22 12:0 a.m.8 views

iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.5.0beta12 that stems from not cleaning up ssh hostnames in URLs...

9.8CVSS6.7AI score0.00656EPSS
Exploits0References4
CVE
CVE
added 2023/10/22 12:0 a.m.63 views

CVE-2023-46300

CVE-2023-46300 affects iTerm2 on macOS, with remote code execution possible due to mishandling of certain escape sequences related to tmux integration in versions prior to 3.4.20. The Nessus and Red Hat/NVD records corroborate a RCE class flaw tied to escape sequence handling. Confirmed affected ...

9.8CVSS9.6AI score0.0118EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2023/10/22 12:0 a.m.8 views

iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.4.20 that stems from improper handling of certain escape sequences and allows remote code execution...

9.8CVSS7.9AI score0.0118EPSS
Exploits1References5
OSV
OSV
added 2023/10/22 12:0 a.m.20 views

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

9.8CVSS7.6AI score0.0118EPSS
Exploits1References6
OSV
OSV
added 2023/10/22 12:0 a.m.59 views

CVE-2023-46301

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to upload...

9.8CVSS7.6AI score0.0118EPSS
Exploits1References6
OSV
OSV
added 2023/10/22 12:0 a.m.18 views

CVE-2023-46321

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...

9.8CVSS7AI score0.00656EPSS
Exploits0References4
OSV
OSV
added 2023/10/22 12:0 a.m.9 views

CVE-2023-46322

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

9.8CVSS6.9AI score0.00656EPSS
Exploits0References4
NVD
NVD
added 2022/11/23 10:15 p.m.34 views

CVE-2022-45872

iTerm2 before 3.4.18 mishandles a DECRQSS response...

9.8CVSS0.00882EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.8 views

CVE-2022-45872

iTerm2 before 3.4.18 mishandles a DECRQSS response...

9.5AI score0.00882EPSS
Exploits0References1
CVE
CVE
added 2022/11/23 12:0 a.m.67 views

CVE-2022-45872

CVE-2022-45872 affects iTerm2 prior to 3.4.18, where a DECRQSS response is mishandled. The issue concerns iTerm2 (macOS) with the vulnerability stemming from the mishandling in the DECRQSS parsing, and is described with CVSS v3.1 base metrics of 9.8 (CRITICAL) impacting confidentiality, integrity...

9.8CVSS9.4AI score0.00882EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/23 12:0 a.m.32 views

CVE-2022-45872

iTerm2 before 3.4.18 mishandles a DECRQSS response...

9.6AI score0.00882EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.6 views

iTerm2 安全漏洞

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 version 3.4.18 that stems from incorrectly handling DECRQSS responses...

9.8CVSS8.3AI score0.00882EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.7 views

PT-2022-27662 · Iterm2 · Iterm2

Name of the Vulnerable Software and Affected Versions: iTerm2 versions prior to 3.4.18 Description: The issue is related to the mishandling of a DECRQSS response. Recommendations: For versions prior to 3.4.18, update to version 3.4.18 or later to resolve the issue...

9.8CVSS7.1AI score0.00882EPSS
Exploits0References7
OSV
OSV
added 2022/11/23 12:0 a.m.16 views

CVE-2022-45872

iTerm2 before 3.4.18 mishandles a DECRQSS response...

9.8CVSS6.9AI score0.00882EPSS
Exploits0References3
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/09/30 12:0 a.m.10 views

Mac Users Targeted by Trojanized iTerm2 App

We go into more detail about a fake version of the iTerm2 app that downloads and runs malware, detected by Trend Micro as TrojanSpy.Python.ZURU.A, which collects private data from a victim’s machine...

4.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/21 11:21 a.m.24 views

New Mac malware masquerades as iTerm2, Remote Desktop and other apps

Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. The malware was discovered earlier the same day by security researcher Zhi @CodeColorist on Twitter, and detailed on a Chinese-language blog. For those who dont spea...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/15 12:0 a.m.310 views

Online Marriage Registration System 1.0 Remote Code Execution

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-14-12 Exploit Author: Andrea Bruschi - www.andreabruschi.net Vendor Homepage: https://phpgurukul.com/ Software Link:...

0.7AI score
Exploits0
OpenVAS
OpenVAS
added 2020/11/06 12:0 a.m.19 views

openSUSE: Security Advisory for tmux (openSUSE-SU-2020:1834-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.3AI score0.00679EPSS
Exploits1References2
CNVD
CNVD
added 2019/11/18 12:0 a.m.7 views

iTerm2 Information Disclosure Vulnerability (CNVD-2020-41520)

iTerm2 is a GPL-licensed terminal emulator for macOS. An information disclosure vulnerability exists in iTerm2 3.3.6 and earlier versions, which can be exploited by a remote attacker to obtain sensitive information by searching for the NoSyncSearchHistory string in a .plist file in a public Git...

7.5CVSS6.3AI score0.01421EPSS
Exploits1References1
NVD
NVD
added 2019/11/17 6:15 p.m.20 views

CVE-2019-19022

iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Gi...

7.5CVSS7.5AI score0.01421EPSS
Exploits1References1
Rows per page
Query Builder