Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lynx vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2012-5821
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle malicious users to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx Lynx -
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
5.7
CVSSv3
CVE-2023-40544
An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.
Westermo L206-f2g Firmware 4.24
5.4
CVSSv3
CVE-2023-42765
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration.
Westermo L206-f2g Firmware 4.24
5.4
CVSSv3
CVE-2023-40143
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.
Westermo L206-f2g Firmware 4.24
5.4
CVSSv3
CVE-2023-45222
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
Westermo L206-f2g Firmware 4.24
5.4
CVSSv3
CVE-2023-45227
An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter.
Westermo L206-f2g Firmware 4.24
5.4
CVSSv3
CVE-2020-9055
Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated malicious user to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, ses...
Versiant Lynx Customer Service Portal 3.5.2
5.3
CVSSv3
CVE-2021-38165
Lynx up to and including 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote malicious users to discover cleartext credentials because they may appear in SNI data.
Lynx Project Lynx
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
5.3
CVSSv3
CVE-2017-1000211
Lynx prior to 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.
Lynx Project Lynx 2.8.9
3.3
CVSSv3
CVE-2016-5615
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.
Oracle Solaris 11.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »