Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ncurses vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-19187
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote malicious users to cause a denial of service via crafted command.
Gnu Ncurses 6.1
Netapp Active Iq Unified Manager -
NA
CVE-2023-29491
ncurses prior to 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Gnu Ncurses
5.8
CVSSv2
CVE-2022-29458
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
Gnu Ncurses 6.3
Gnu Ncurses
Apple Macos
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2021-39537
An issue exists in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.
Gnu Ncurses
Apple Mac Os X 10.12.6
Apple Macos 13.0
Apple Macos 11.7
4.6
CVSSv2
CVE-2019-17594
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses prior to 6.1-20191012.
Gnu Ncurses
Opensuse Leap 15.0
Opensuse Leap 15.1
5.8
CVSSv2
CVE-2019-17595
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses prior to 6.1-20191012.
Gnu Ncurses
Opensuse Leap 15.0
Opensuse Leap 15.1
6.4
CVSSv2
CVE-2019-15547
An issue exists in the ncurses crate up to and including 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled.
Ncurses Project Ncurses
1 Github repository
7.5
CVSSv2
CVE-2019-15548
An issue exists in the ncurses crate up to and including 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled.
Ncurses Project Ncurses
1 Github repository
4.3
CVSSv2
CVE-2018-19211
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
Gnu Ncurses 6.1
4.3
CVSSv2
CVE-2018-19217
In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a rel...
Gnu Ncurses 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »