205 matches found
EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2023-3438)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corrupti...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-3438)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ncurses: Local users can trigger security-relevant memory corruption via malformed data
A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
Oracle Linux 9 : ncurses (ELSA-2023-6698)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6698 advisory. - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 Tenable has extracted the preceding description block directly from the Oracle Linux...
ncurses security and bug fix update
6.2-10.20210508 - ignore TERMINFO and HOME only if setuid/setgid/capability 2211666 6.2-9.20210508 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 - ignore TERMINFO and HOME environment variables if running as root 2211666...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-3138)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ncurses: Local users can trigger security-relevant memory corruption via malformed data
A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
Moderate: ncurses security and bug fix update
The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...
A vulnerability was found in ncurses and occurs when used by a setuid application. (CVE-2023-29491)
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
RHEL 9 : ncurses (RHSA-2023:6698)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6698 advisory. The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-2963)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 8 : ncurses (ALSA-2023:5249)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5249 advisory. - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corruption via malformed data in a termin...
ncurses security update
6.1-9.20180224.1 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491...
ncurses: Local users can trigger security-relevant memory corruption via malformed data
A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
The vulnerability of the input/output library for the ncurses terminal relates to the ability to write beyond the buffer boundaries into memory, allowing an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the input/output library for the ncurses terminal relates to the possibility of writing beyond the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information b...
Uncursing the ncurses: Memory corruption vulnerabilities found in library
Microsoft has discovered a set of memory corruption vulnerabilities in a library called ncurses, which provides APIs that support text-based user interfaces TUI. Released in 1993, the ncurses library is commonly used by various programs on Portable Operating System Interface POSIX operating...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-2699)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-19190
A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...
CVE-2020-19189
A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...
CVE-2020-19188
A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...