Ncurses@* Security Vulnerabilities and Issues — Ncurses@* CVE List

Lucene search

GnuNcurses*

7 matches found

CVE•added 2022/04/18 9:15 p.m.•280 views

CVE-2022-29458

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

7.1CVSS6.8AI score0.00029EPSS

CVE•added 2019/10/14 9:15 p.m.•262 views

CVE-2019-17594

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

5.3CVSS5.7AI score0.00034EPSS

CVE•added 2019/10/14 9:15 p.m.•252 views

CVE-2019-17595

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

5.8CVSS5.8AI score0.00068EPSS

CVE•added 2023/04/14 1:15 a.m.•239 views

CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

7.8CVSS7.8AI score0.00066EPSS

CVE•added 2021/09/20 4:15 p.m.•211 views

CVE-2021-39537

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

8.8CVSS8.5AI score0.00351EPSS

CVE•added 2003/04/02 5:0 a.m.•68 views

CVE-2002-0062

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

7.2CVSS6.5AI score0.00194EPSS

CVE•added 2000/12/19 5:0 a.m.•45 views

CVE-2000-0963

Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.

7.2CVSS7.6AI score0.00156EPSS