Lucene search
+L

205 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.13 views

EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2023-3438)

According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corrupti...

7.8CVSS6.8AI score0.00923EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/12/15 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-3438)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.00923EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/11/21 10:27 a.m.11 views

ncurses: Local users can trigger security-relevant memory corruption via malformed data

A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.3AI score0.00923EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.42 views

Oracle Linux 9 : ncurses (ELSA-2023-6698)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6698 advisory. - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.8CVSS7.1AI score0.00923EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.99 views

ncurses security and bug fix update

6.2-10.20210508 - ignore TERMINFO and HOME only if setuid/setgid/capability 2211666 6.2-9.20210508 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491 - ignore TERMINFO and HOME environment variables if running as root 2211666...

7.8CVSS8.1AI score0.00923EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-3138)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.00923EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/11/07 8:47 a.m.8 views

ncurses: Local users can trigger security-relevant memory corruption via malformed data

A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.3AI score0.00923EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.40 views

Moderate: ncurses security and bug fix update

The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...

7.8CVSS7.3AI score0.00923EPSS
Exploits1References4
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.58 views

A vulnerability was found in ncurses and occurs when used by a setuid application. (CVE-2023-29491)

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.7AI score0.00923EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.22 views

RHEL 9 : ncurses (RHSA-2023:6698)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6698 advisory. The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses...

7.8CVSS6.9AI score0.00923EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/10/13 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-2963)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.00923EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/09/22 12:0 a.m.12 views

AlmaLinux 8 : ncurses (ALSA-2023:5249)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5249 advisory. - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corruption via malformed data in a termin...

7.8CVSS6.7AI score0.00923EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2023/09/20 12:0 a.m.54 views

ncurses security update

6.1-9.20180224.1 - fix buffer overflow on terminfo with too many capabilities CVE-2023-29491...

7.8CVSS8.1AI score0.00923EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/09/19 2:10 p.m.7 views

ncurses: Local users can trigger security-relevant memory corruption via malformed data

A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.3AI score0.00923EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/09/19 12:0 a.m.6 views

The vulnerability of the input/output library for the ncurses terminal relates to the ability to write beyond the buffer boundaries into memory, allowing an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the input/output library for the ncurses terminal relates to the possibility of writing beyond the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information b...

7.8CVSS7AI score0.00923EPSS
Exploits1References13Affected Software18
Microsoft Secure
Microsoft Secure
added 2023/09/14 11:30 a.m.76 views

Uncursing the ncurses: Memory corruption vulnerabilities found in library

Microsoft has discovered a set of memory corruption vulnerabilities in a library called ncurses, which provides APIs that support text-based user interfaces TUI. Released in 1993, the ncurses library is commonly used by various programs on Portable Operating System Interface POSIX operating...

4.3CVSS8.2AI score0.55367EPSS
Exploits22
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2023-2699)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.00923EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2023/08/25 6:46 p.m.43 views

CVE-2020-19190

A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...

6.5CVSS6.2AI score0.01403EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/08/25 6:46 p.m.33 views

CVE-2020-19189

A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a heap-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...

6.5CVSS6.2AI score0.01895EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/08/25 6:46 p.m.41 views

CVE-2020-19188

A flaw was found in the ncurses library. This issue occurs when processing a crafted terminfo database, causing a stack-based buffer overflow, resulting in an application crash. Mitigation Do not compile or decompile untrusted terminfo descriptions...

6.5CVSS6.2AI score0.01403EPSS
Exploits1References3
Rows per page
Query Builder