JLSEC-2026-444

There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012...

JLSEC-2026-452

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in tinfo/readentry.c in the terminfo library...

JLSEC-2026-443

There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012...

JLSEC-2026-453

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

Astra Linux - уязвимость в ncurses

ncurses before version 6.4, as of 20230408, when used by a setuid application, allowed local users to cause security-related memory corruption through malformed data in a terminfo database file located in $HOME/.terminfo, or accessible via the TERMINFO or TERM environment variables...

Astra Linux - уязвимость в ncurses

A buffer overflow vulnerability exists in the postprocessterminfo function in tinfo/parseentry.c:997 within ncurses 6.1. This vulnerability allows remote attackers to cause a denial of service by using crafted commands...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Write (CVE-2023-29491)

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. This plugin only works with...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-17595)

There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2019-7923

Malware in sbrugna...

EUVD-2017-2749

Malware in sbrugna...

EUVD-2019-7922

Malware in sbrugna...

EUVD-2017-2750

Malware in sbrugna...

EUVD-2022-33796

Malicious code in bioql PyPI...

ncurses: segfaulting OOB read

A segmentation fault vulnerability was found in ncurses's convertstrings function of tinfo/readentry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error...

NewStart CGSL MAIN 6.06 : ncurses Multiple Vulnerabilities (NS-SA-2025-0223)

The remote NewStart CGSL host, running version MAIN 6.06, has ncurses packages installed that are affected by multiple vulnerabilities: - In ncurses 6.0, there is a format string vulnerability in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...

ncurses: segfaulting OOB read

A segmentation fault vulnerability was found in ncurses's convertstrings function of tinfo/readentry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error...

ncurses: segfaulting OOB read

A segmentation fault vulnerability was found in ncurses's convertstrings function of tinfo/readentry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error...

ncurses: segfaulting OOB read

A segmentation fault vulnerability was found in ncurses's convertstrings function of tinfo/readentry.c file. This flaw occurs due to corrupted terminfo data, triggering an out-of-bounds read error...

Low: Red Hat Security Advisory: ncurses security update

An update for ncurses is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Oracle Linux 9 : ncurses (ELSA-2025-12876)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12876 advisory. 6.2-10.20210508.el96.2 - remove execute permissions from ANNOUNCE file RHEL-102738 6.2-10.20210508.el96.1 - guard against corrupt terminfo data in string...