Vulnerabilities > Tats
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-21 | CVE-2023-4255 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. | 5.5 |
2023-07-14 | CVE-2023-38252 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. | 5.5 |
2023-07-14 | CVE-2023-38253 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. | 5.5 |
2022-08-15 | CVE-2022-38223 | Out-of-bounds Write vulnerability in multiple products There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. | 7.8 |
2018-01-25 | CVE-2018-6198 | Link Following vulnerability in multiple products w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. | 4.7 |
2018-01-25 | CVE-2018-6197 | NULL Pointer Dereference vulnerability in multiple products w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | 7.5 |
2018-01-25 | CVE-2018-6196 | Infinite Loop vulnerability in multiple products w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. | 7.5 |
2017-01-20 | CVE-2016-9436 | Improper Input Validation vulnerability in multiple products parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. | 6.5 |
2017-01-20 | CVE-2016-9435 | Improper Input Validation vulnerability in multiple products The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. | 6.5 |
2016-12-12 | CVE-2016-9633 | Resource Management Errors vulnerability in Tats W3M An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. | 6.5 |