5 results (0.007 seconds)

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation. ELinks 0.12 y Twibright Links 2.3 tienen una falta de validación de certificados SSL. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694658 https://bugzilla.redhat.com/show_bug.cgi?id=881399 • CWE-295: Improper Certificate Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. La función put_chars en el archivo html_r.c en Twibright Links versión 2.14, permite a los atacantes remotos causar una denegación de servicio (lectura excesiva del búfer) por medio de un archivo HTML creado. The put_chars function in html_r.c in Links version 2.14 can cause a denial of service (buffer over-read) via a crafted html file. • http://seclists.org/fulldisclosure/2017/Jul/76 • CWE-125: Out-of-bounds Read •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in Links before 2.8 allows remote attackers to cause a denial of service (crash) via crafted HTML tables. Desbordamiento de enteros en Links anterior a la versión 2.8 permite a atacantes remotos provocar una denegación de servicio (caída) a través de tablas HTML. • http://links.twibright.com/download/ChangeLog http://www.debian.org/security/2013/dsa-2807 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 0%CPEs: 92EXPL: 0

Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." Vulnerabilidad no especificada en Links anterior a 2.1, cuando la opción "only proxies" (solo proxies) está activada, tiene un impacto y vectores de ataques desconocidos relacionado con que proporciona "URLs a programas externos". • http://links.twibright.com/download/ChangeLog http://www.securityfocus.com/bid/30422 https://exchange.xforce.ibmcloud.com/vulnerabilities/44035 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. • http://atrey.karlin.mff.cuni.cz/~clock/twibright/links/download/ChangeLog http://www.iss.net/security_center/static/9287.php http://www.securityfocus.com/bid/4921 •