CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-19185 – Apple Security Advisory 12-11-2023-6
https://notcve.org/view.php?id=CVE-2020-19185
22 Aug 2023 — Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Vulnerabilidad de desbordamiento de búfer en la función "one_one_mapping" en progs/dump_entry.c:1373 en ncurses v6.1 que permite a atacantes remotos causar una denegación de servicio a través de un comando manipulado. macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-19186 – Apple Security Advisory 12-11-2023-6
https://notcve.org/view.php?id=CVE-2020-19186
22 Aug 2023 — Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Vulnerabilidad de desbordamiento de búfer en la función "_nc_find_entry" en tinfo/comp_hash.c:66 en ncurses v6.1 que permite a atacantes remotos causar una denegación de servicio a través de un comando manipulado. macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-19187 – Apple Security Advisory 12-11-2023-6
https://notcve.org/view.php?id=CVE-2020-19187
22 Aug 2023 — Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. La vulnerabilidad de desbordamiento de búfer en la función fmt_entry en progs/dump_entry.c:1100 en ncurses v6.1 permite a atacantes remotos causar una denegación de servicio a través de un comando manipulado. macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-19188 – Apple Security Advisory 12-11-2023-6
https://notcve.org/view.php?id=CVE-2020-19188
22 Aug 2023 — Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. La vulnerabilidad de desbordamiento de búfer en la función fmt_entry en progs/dump_entry.c:1116 en ncurses v6.1 permite a atacantes remotos causar una denegación de servicios a través de un comando manipulado. macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 2%CPEs: 3EXPL: 1CVE-2020-19189 – Ubuntu Security Notice USN-6451-1
https://notcve.org/view.php?id=CVE-2020-19189
22 Aug 2023 — Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Vulnerabilidad de Buffer Overflow en la función "postprocess_terminfo" en tinfo/parse_entry.c:997 en ncurses v6.1 que permite a atacantes remotos causar una denegación de servicios a través de un comando manipulado. It was discovered that ncurses could be made to read out of bounds. An attacker could possibly use this issue to caus... • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-19190 – Apple Security Advisory 12-11-2023-6
https://notcve.org/view.php?id=CVE-2020-19190
22 Aug 2023 — Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. La vulnerabilidad de desbordamiento de búfer en "_nc_find_entry" en "tinfo/comp_hash.c" en ncurses 6.1 permite a atacantes remotos causar una denegación de servicio a través de un comando manipulado. macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities. • http://seclists.org/fulldisclosure/2023/Dec/10 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29491 – ncurses: Local users can trigger security-relevant memory corruption via malformed data
https://notcve.org/view.php?id=CVE-2023-29491
14 Apr 2023 — ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. A vulnerability was found in ncurses and occurs when used by a setuid application. This flaw allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file found in $HOME/.terminfo or reached vi... • http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-29458 – Ubuntu Security Notice USN-6099-1
https://notcve.org/view.php?id=CVE-2022-29458
18 Apr 2022 — ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. ncurses versiones 6.3 anteriores al parche 20220416, presentan una lectura fuera de límites y una violación de segmentación en el archivo convert_strings en tinfo/read_entry.c en la biblioteca terminfo It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-39537 – Ubuntu Security Notice USN-6099-1
https://notcve.org/view.php?id=CVE-2021-39537
20 Sep 2021 — An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Se ha detectado un problema en ncurses versiones hasta v6.2-1. La función _nc_captoinfo en el archivo captoinfo.c presenta un desbordamiento de búfer en la región heap de la memoria It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. • http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2019-17594 – ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c
https://notcve.org/view.php?id=CVE-2019-17594
14 Oct 2019 — There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función _nc_find_entry en tinfo/comp_hash.c la biblioteca terminfo en ncurses en versiones anteriores a la 6.1-20191012. Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges tha... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •