Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lynx lynx - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-0750
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an malicious user to : - Change the password, resulting in a DOS of the users -...
Lynx-technik Yellobrik Pec 1864 Firmware -
NA
CVE-1999-0371
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
University Of Kansas Lynx
NA
CVE-1999-0817
Lynx WWW client allows a remote malicious user to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
University Of Kansas Lynx
5.9
CVSSv3
CVE-2012-5821
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle malicious users to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx Lynx -
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
NA
CVE-2006-6207
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error
Lynx Internet Solutions Evolve Merchant
1 EDB exploit
NA
CVE-2006-5953
SQL injection vulnerability in viewcart.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the zoneid parameter.
Lynx Internet Solutions Evolve Merchant
5.3
CVSSv3
CVE-2021-38165
Lynx up to and including 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote malicious users to discover cleartext credentials because they may appear in SNI data.
Lynx Project Lynx
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
5.4
CVSSv3
CVE-2020-9055
Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated malicious user to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, ses...
Versiant Lynx Customer Service Portal 3.5.2
9.8
CVSSv3
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
5.4
CVSSv3
CVE-2023-42765
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration.
Westermo L206-f2g Firmware 4.24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »