
CVE-2021-38165 – lynx: Disclosure of HTTP authentication credentials via SNI data
https://notcve.org/view.php?id=CVE-2021-38165
07 Aug 2021 — Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. HTParse in Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data or in HTTP headers. A flaw was found in the way lynx parsed URLs with userinfo part containing authentication credentials. T... • http://www.openwall.com/lists/oss-security/2021/08/07/11 • CWE-522: Insufficiently Protected Credentials •

CVE-2006-7234 – Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
https://notcve.org/view.php?id=CVE-2006-7234
27 Oct 2008 — Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. • https://www.exploit-db.com/exploits/32530 •

CVE-2008-4690 – lynx: remote arbitrary command execution via a crafted lynxcgi: URL
https://notcve.org/view.php?id=CVE-2008-4690
22 Oct 2008 — lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler. • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2005-3120 – Lynx 2.8.6dev.13 - Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-3120
17 Oct 2005 — Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. • https://www.exploit-db.com/exploits/1256 • CWE-131: Incorrect Calculation of Buffer Size •

CVE-2004-1617
https://notcve.org/view.php?id=CVE-2004-1617
18 Oct 2004 — Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value. • http://lcamtuf.coredump.cx/mangleme/gallery • CWE-20: Improper Input Validation •

CVE-2000-0209
https://notcve.org/view.php?id=CVE-2000-0209
27 Feb 2000 — Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page. • http://www.securityfocus.com/bid/1012 •

CVE-1999-1549
https://notcve.org/view.php?id=CVE-1999-1549
16 Nov 1999 — Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. • http://marc.info/?l=bugtraq&m=94286509804526&w=2 • CWE-346: Origin Validation Error •