CVSS: 5.3EPSS: 3%CPEs: 6EXPL: 0CVE-2021-38165 – lynx: Disclosure of HTTP authentication credentials via SNI data
https://notcve.org/view.php?id=CVE-2021-38165
07 Aug 2021 — Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. HTParse en Lynx versiones hasta 2.8.9, maneja inapropiadamente el subcomponente userinfo de un URI, que permite a atacantes remotos descubrir credenciales en texto sin cifrar porque pueden aparecer en los datos SNI o en los encabezados HTTP A flaw was found in the way lynx parsed URLs with userinfo part containing authentication credentials. T... • http://www.openwall.com/lists/oss-security/2021/08/07/11 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 179EXPL: 1CVE-2006-7234 – Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
https://notcve.org/view.php?id=CVE-2006-7234
27 Oct 2008 — Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en Lynx anterior a 2.8.6rel.4; permite a usuarios locales ejecutar código de su elección a través de los ficheros maliciosos (1) .mailcap y (2) mime.types en el directorio de trabajo actual. • https://www.exploit-db.com/exploits/32530 •
CVSS: 10.0EPSS: 18%CPEs: 176EXPL: 0CVE-2008-4690 – lynx: remote arbitrary command execution via a crafted lynxcgi: URL
https://notcve.org/view.php?id=CVE-2008-4690
22 Oct 2008 — lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler. lynx v2.8.6dev.15 y anteriores, cuando está activado el modo avanzado y lynx está configurado como manejador de URL, permite a atacantes remotos ejecutar comandos de su elección a través de un ... • http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 6%CPEs: 3EXPL: 0CVE-2005-2929 – lynx arbitrary command execution
https://notcve.org/view.php?id=CVE-2005-2929
18 Nov 2005 — Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 30%CPEs: 3EXPL: 1CVE-2005-3120 – Lynx 2.8.6dev.13 - Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-3120
17 Oct 2005 — Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. • https://www.exploit-db.com/exploits/1256 • CWE-131: Incorrect Calculation of Buffer Size •