Lucene search
+L

205 matches found

RedhatCVE
RedhatCVE
added 2023/04/28 8:51 p.m.41 views

CVE-2023-29491

A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.2AI score0.00923EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2023/04/24 7:0 a.m.5 views

ncurses before 6.4 20230408 when used by a setuid application allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

...

7.8CVSS6.7AI score0.00923EPSS
Exploits1
Veracode
Veracode
added 2023/04/24 5:19 a.m.53 views

Denial Of Service (DoS)

libncurses.so is vulnerable to Denial Of Service DoS. The vulnerability exists via malformed data in a terminfo database file which allows an attacker to trigger a memory corruption causing an application crash...

7.8CVSS7.4AI score0.00923EPSS
Exploits1References15Affected Software2
SUSE CVE
SUSE CVE
added 2023/04/14 1:51 a.m.5 views

SUSE CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

6.5CVSS8.2AI score0.00923EPSS
Exploits1References99
NVD
NVD
added 2023/04/14 1:15 a.m.26 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS7.8AI score0.00923EPSS
Exploits1References12
OSV
OSV
added 2023/04/14 1:15 a.m.1 views

DEBIAN-CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.7AI score0.00923EPSS
Exploits1References1
OSV
OSV
added 2023/04/14 1:15 a.m.7 views

ALPINE-CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.7AI score0.00923EPSS
Exploits1References1
OSV
OSV
added 2023/04/14 1:15 a.m.6 views

AZL-26241 CVE-2023-29491 affecting package ncurses for versions less than 6.4-1

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.8AI score0.00923EPSS
Exploits1References1
Prion
Prion
added 2023/04/14 1:15 a.m.31 views

Memory corruption

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

4.3CVSS7.7AI score0.00923EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2023/04/14 1:15 a.m.3 views

UBUNTU-CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.8AI score0.00923EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/04/14 12:0 a.m.27 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

8AI score0.00923EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2023/04/14 12:0 a.m.90 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.9AI score0.00923EPSS
Exploits1References5
OSV
OSV
added 2023/04/14 12:0 a.m.36 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.8AI score0.00923EPSS
Exploits1References14
Debian CVE
Debian CVE
added 2023/04/14 12:0 a.m.43 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS6.4AI score0.00923EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2023/04/14 12:0 a.m.181 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

7.8CVSS8.1AI score0.00923EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/04/12 12:0 a.m.2 views

PT-2023-5180 · Ncurses +9 · Ncurses +9

Name of the Vulnerable Software and Affected Versions: ncurses versions prior to 6.4 20230408 Description: The issue is related to security-relevant memory corruption via malformed data in a terminfo database file. This can be triggered by local users when the software is used by a setuid...

8.8CVSS6.2AI score0.03231EPSS
Exploits5References100
Amazon
Amazon
added 2023/03/22 12:0 a.m.6 views

Medium: ncurses

Issue Overview: The ncurses package tic is susceptible to a heap overflow on crafted input. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability...

8.8CVSS6.9AI score0.03231EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.40 views

CBL Mariner 2.0 Security Update: ncurses (CVE-2022-29458)

The version of ncurses installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-29458 advisory. - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convertstrings in...

7.1CVSS6.6AI score0.01341EPSS
Exploits1References2
Fedora
Fedora
added 2023/03/14 12:24 a.m.39 views

[SECURITY] Fedora 38 Update: notcurses-3.0.8-6.fc38

Notcurses facilitates the creation of modern TUI programs, making full use of Unicode and 24-bit TrueColor. It presents an API similar to that of Curses, and rides atop Terminfo. This package includes C and C++ shared libraries...

8.8CVSS7.3AI score0.01118EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.2 views

SUSE CVE-2017-16879

Stack-based buffer overflow in the ncwriteentry function in tinfo/writeentry.c in ncurses 6.0 allows attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic...

7.8CVSS9.6AI score0.02383EPSS
Exploits0References7
Rows per page
Query Builder