Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lynx vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-0750
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an malicious user to : - Change the password, resulting in a DOS of the users -...
Lynx-technik Yellobrik Pec 1864 Firmware -
NA
CVE-1999-0371
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
University Of Kansas Lynx
NA
CVE-1999-0817
Lynx WWW client allows a remote malicious user to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
University Of Kansas Lynx
5.9
CVSSv3
CVE-2012-5821
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle malicious users to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx Lynx -
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
NA
CVE-2006-5953
SQL injection vulnerability in viewcart.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the zoneid parameter.
Lynx Internet Solutions Evolve Merchant
NA
CVE-2006-6207
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error
Lynx Internet Solutions Evolve Merchant
1 EDB exploit
5.3
CVSSv3
CVE-2021-38165
Lynx up to and including 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote malicious users to discover cleartext credentials because they may appear in SNI data.
Lynx Project Lynx
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
5.4
CVSSv3
CVE-2020-9055
Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnerable to stored cross-site scripting, which could allow a local, authenticated malicious user to insert malicious JavaScript that is stored and displayed to the end user. This could lead to website redirects, ses...
Versiant Lynx Customer Service Portal 3.5.2
9.8
CVSSv3
CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and previous versions allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
Invisible-island Lynx
Debian Debian Linux 3.1
Debian Debian Linux 3.0
1 EDB exploit
5.4
CVSSv3
CVE-2023-40143
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.
Westermo L206-f2g Firmware 4.24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »