Vulnerabilities > Nethack > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-10 | CVE-2020-5253 | Improper Privilege Management vulnerability in Nethack NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. | 9.8 |
| 2020-01-28 | CVE-2020-5211 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2020-01-28 | CVE-2020-5214 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2020-01-28 | CVE-2020-5213 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2020-01-28 | CVE-2020-5212 | Classic Buffer Overflow vulnerability in Nethack In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. | 9.8 |
| 2019-12-19 | CVE-2019-19905 | Classic Buffer Overflow vulnerability in Nethack NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. | 9.8 |