Vulnerabilities > GNU > Ncurses
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-14 | CVE-2019-17594 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | 5.3 |
| 2018-11-12 | CVE-2018-19217 | NULL Pointer Dereference vulnerability in GNU Ncurses 6.1 In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. | 6.5 |
| 2018-11-12 | CVE-2018-19211 | NULL Pointer Dereference vulnerability in GNU Ncurses 6.1 In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. | 5.5 |
| 2017-11-22 | CVE-2017-16879 | Out-of-bounds Write vulnerability in GNU Ncurses 6.0 Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. | 7.8 |
| 2017-08-29 | CVE-2017-13734 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13733 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13730 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13729 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. | 6.5 |