598 matches found
CVE-2022-41322
Kitty (before 0.26.2) contains a vulnerability where insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. An attacker must have attacker-controlled content displayed in the terminal and the user must click a notification popup to trigger code e...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
Kitty 安全漏洞
kitty is a fast, feature-rich, GPU-based terminal emulator developed by kovidgoyal. A code execution vulnerability exists in versions prior to Kitty 0.26.2 that stems from insufficient validation in the desktop notification escape sequence and can be exploited by an attacker to cause execution of...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
Vice Society actors target K-12 institutions in US
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Vice Society is an extortion hacking group that emerged in the summer of 2021. The Vice Society does not use a specific ransomware variant. Instead, they used variants of Hello Kitty, Five Hands, and...
PT-2022-25815 · Kitty +4 · Kitty +4
Name of the Vulnerable Software and Affected Versions: Kitty versions prior to 0.26.2 Description: The issue is related to insufficient validation in the desktop notification escape sequence, which can lead to arbitrary code execution. This occurs when a user displays attacker-controlled content ...
Kitty 0.76.0.8 Stack Buffer Overflow
Exploit Title: Kitty 0.76.0.8 Stack Buffer Overflow Discovered by: Yehia Elghaly Discovered Date: 2022-06-08 Vendor Homepage: http://www.9bis.net/kitty/index.html!index.md Software Link : https://www.fosshub.com/KiTTY.html?dwl=kittyportable-0.76.0.8.exe Tested Version: 0.76.0.8 Vulnerability Type...
openSUSE: Security Advisory for kitty (openSUSE-SU-2021:0025-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
The vulnerability of the implementation of the GPU-based terminal emulator protocol in GPU Kitty relates to the absence of measures to neutralize special elements. This allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the GPU-based terminal emulator’s protocol implementation is related to the lack of filename cleaning when returning error messages. Exploiting this vulnerability can allow remote attackers to gain access to confidential data, compromise its integrity, and cause service...
openSUSE Security Update : kitty (openSUSE-2021-25)
This update for kitty fixes the following issue : - CVE-2020-35605: Fixed an RCE due to filenames containing special characters contained in error messages boo1180298. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
OPENSUSE-SU-2021:0025-1 Security update for kitty
This update for kitty fixes the following issue: - CVE-2020-35605: Fixed an RCE due to filenames containing special characters contained in error messages boo1180298...
Security update for kitty (important)
openSUSE Security Update: Security update for kitty Announcement ID: openSUSE-SU-2021:0025-1 Rating: important References: 1180298 Cross-References: CVE-2020-35605 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for kitty fix...
Debian DSA-4819-1 : kitty - security update
Stephane Chauveau discovered that the graphics protocol implementation in Kitty, a GPU-based terminal emulator, did not sanitise a filename when returning an error message, which could result in the execution of arbitrary shell commands when displaying a file with cat. C Tenable Network Security,...
Debian: Security Advisory (DSA-4819-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4819-1] kitty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4819-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 26, 2020 https://www.debian.org/security/faq -...
Remote Code Execution (RCE)
kitty is vulnerable to remote code execution. The vulnerability is possible because filename containing special characters can be included in an error message which allows an attacker to inject malicious code into the system...
CVE-2020-35605
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message...
DEBIAN-CVE-2020-35605
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message...