Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ncurses
(Gnu)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 27 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-09-20 | CVE-2021-39537 | An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. | Mac_os_x, Macos, Ncurses | 8.8 | ||
2022-04-18 | CVE-2022-29458 | ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. | Macos, Debian_linux, Ncurses | 7.1 | ||
2023-04-14 | CVE-2023-29491 | ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | Ncurses | 7.8 | ||
2023-08-22 | CVE-2020-19185 | Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Ncurses, Active_iq_unified_manager | 6.5 | ||
2023-08-22 | CVE-2020-19186 | Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Ncurses, Active_iq_unified_manager | 6.5 | ||
2023-08-22 | CVE-2020-19187 | Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Ncurses, Active_iq_unified_manager | 6.5 | ||
2023-08-22 | CVE-2020-19188 | Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Ncurses, Active_iq_unified_manager | 6.5 | ||
2023-08-22 | CVE-2020-19189 | Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Debian_linux, Ncurses, Active_iq_unified_manager | 6.5 | ||
2023-08-22 | CVE-2020-19190 | Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | Ncurses, Active_iq_unified_manager | 6.5 | ||
2018-11-12 | CVE-2018-19217 | In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party | Ncurses | 6.5 |