57 matches found
CVE-2021-28848
Mintty before 3.4.5 allows remote servers to cause a denial of service Windows GUI hang by telling the Mintty window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon...
CVE-2021-31701
Mintty before 3.4.7 mishandles Bracketed Paste Mode...
CVE-2024-45301
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
CVE-2024-45301
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
CVE-2024-45301 ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
EUVD-2024-55068
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
CVE-2024-45301
Mintty (Cygwin/MSYS/WSL terminal) versions 2.3.6–3.7.4 contain an input-handling flaw where certain escape sequences can cause the process to access a file along a specific path. Triggered by printing those sequences in bash, this can enable an attacker to specify an arbitrary network path and ob...
CVE-2024-45301 ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
CVE-2024-45301 ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
mintty 输入验证错误漏洞
mintty is the Cygwin terminal emulator for the mintty open source application, also available for MSYS and Msys2. An input validation error vulnerability exists in mintty versions 2.3.6 through 3.7.4, which stems from mishandling of escape sequences and can lead to NTLM hash disclosure...
EUVD-2021-18586
Malware in sbrugna...
EUVD-2021-15502
Malware in sbrugna...
EUVD-2022-50343
Malicious code in bioql PyPI...
EUVD-2025-1979
Malicious code in bioql PyPI...
EUVD-2023-43426
Malicious code in bioql PyPI...
CVE-2023-39726
An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal...
CVE-2022-47583
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal...
CVE-2025-1052
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2025-1052
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2025-1052
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious...