Product:

Ncurses

(Gnu)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 27
Date Id Summary Products Score Patch Annotated
2018-11-12 CVE-2018-19217 In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party Ncurses 6.5
2023-04-14 CVE-2023-29491 ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. Ncurses 7.8
2023-08-22 CVE-2020-19185 Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Ncurses, Active_iq_unified_manager 6.5
2023-08-22 CVE-2020-19186 Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Ncurses, Active_iq_unified_manager 6.5
2023-08-22 CVE-2020-19187 Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Ncurses, Active_iq_unified_manager 6.5
2023-08-22 CVE-2020-19188 Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Ncurses, Active_iq_unified_manager 6.5
2023-08-22 CVE-2020-19189 Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Debian_linux, Ncurses, Active_iq_unified_manager 6.5