Lucene search
K

140 matches found

Prion
Prion
added 2021/05/20 8:15 p.m.19 views

Remote code execution

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...

6.5CVSS8.7AI score0.04012EPSS
Exploits1References20Affected Software6
OSV
OSV
added 2021/05/20 8:15 p.m.4 views

UBUNTU-CVE-2021-33477

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...

8.8CVSS6.2AI score0.04012EPSS
Exploits1References10
CVE
CVE
added 2021/05/20 7:16 p.m.118 views

CVE-2021-33477

The CVE-2021-33477 entry affects rxvt-unicode (9.22), rxvt (2.7.10), mrxvt (0.5.4) and Eterm (0.9.7). Root cause: improper handling of certain escape sequences (ESC G Q) that can terminate a response with a newline, enabling potentially remote code execution. Public advisories confirm this across...

8.8CVSS8.7AI score0.04012EPSS
Exploits1References20Affected Software4
Debian CVE
Debian CVE
added 2021/05/20 7:16 p.m.34 views

CVE-2021-33477

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...

8.8CVSS8.9AI score0.04012EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2021/05/20 7:16 p.m.43 views

CVE-2021-33477

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow potentially remote code execution because of improper handling of certain escape sequences ESC G Q. A response is terminated by a newline...

8.8CVSS9AI score0.04012EPSS
Exploits1References19
CNNVD
CNNVD
added 2021/05/20 12:0 a.m.6 views

rxvt-unicode 安全漏洞

rxvt-unicode is an application. A customizable terminal branching from rxvt. A security vulnerability exists in rxvt-unicode 9.22 that allows code execution because certain escape sequences ESC G Q are mishandled. The response is terminated by a line feed. No detailed vulnerability details are...

8.8CVSS8.3AI score0.04012EPSS
Exploits1References25
0day.today
0day.today
added 2021/05/19 12:0 a.m.95 views

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution Exploit

rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution. !/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/...

8.2AI score
Exploits0
Packet Storm
Packet Storm
added 2021/05/18 12:0 a.m.158 views

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/A ------------------------------------------------------------------------------ URXVT VULNERABILITY In rxvt-based terminals, ANSI...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/05/17 12:0 a.m.3 views

PT-2021-4284 · Eterm +4 · Eterm +4

Name of the Vulnerable Software and Affected Versions: rxvt-unicode version 9.22 rxvt version 2.7.10 mrxvt version 0.5.4 Eterm version 0.9.7 Description: The issue is related to improper handling of certain escape sequences, specifically ESC G Q, which can lead to code execution. This could...

8.8CVSS7.4AI score0.04012EPSS
Exploits3References69
Mageia
Mageia
added 2017/06/29 9:40 p.m.15 views

Updated rxvt-unicode packages fix security vulnerability

The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...

2.5AI score
Exploits0References2
OSV
OSV
added 2017/06/29 9:40 p.m.4 views

MGASA-2017-0193 Updated rxvt-unicode packages fix security vulnerability

The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...

7.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/06/09 12:0 a.m.23 views

openSUSE Security Update : rxvt-unicode (openSUSE-2017-670)

This update for rxvt-unicode fixes the following issue : While urxvt is not directly affected by CVE-2017-7483 we have added a patch to harden urxvt to avoid similar bugs in the future. boo1036456 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

7.5CVSS7.2AI score0.02135EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.28 views

Gentoo Security Advisory GLSA 201406-18

Gentoo Linux Local Security Checks GLSA 201406-18 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.6CVSS5AI score0.041EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the rxvt-unicode package in the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.6CVSS5.4AI score0.041EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.12 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The numerous vulnerabilities of the rxvt-unicode package on the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.6CVSS5.4AI score0.041EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.9 views

The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the rxvt-unicode package up to version 9.20 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.6CVSS5.4AI score0.041EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/25 12:0 a.m.23 views

SuSE 11.3 Security Update : rxvt-unicode (SAT Patch Number 9421)

rxvt-unicode was updated to ensure that window property values can not be queried in secure mode. CVE-2014-3121 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright ...

7.6CVSS5.3AI score0.041EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/20 12:0 a.m.26 views

GLSA-201406-18 : rxvt-unicode: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201406-18 rxvt-unicode: User-assisted execution of arbitrary code rxvt-unicode does not properly handle OSC escape sequences, including those used to read and write X window properties. Impact : A remote attacker could entice a us...

7.6CVSS5.9AI score0.041EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2014/06/19 12:0 a.m.26 views

rxvt-unicode: User-assisted execution of arbitrary code

Background rxvt-unicode urxvt is a clone of the rxvt terminal emulator. Description rxvt-unicode does not properly handle OSC escape sequences, including those used to read and write X window properties. Impact A remote attacker could entice a user to run a specially crafted file using...

7.6CVSS7AI score0.041EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/19 12:0 a.m.15 views

openSUSE Security Update : rxvt-unicode (openSUSE-SU-2014:0814-1)

rxvt-unicode was patched to ensure that window property values can not be queried in secure mode CVE-2014-3121. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-430. The text...

7.6CVSS5.3AI score0.041EPSS
Exploits0References3
Rows per page
Query Builder