Skip to main content

Cygwin

2 CVEs product

Monthly

CVE-2017-7523 HIGH POC This Week

Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Cygwin
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-3067 CRITICAL Act Now

Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cygwin
NVD
CVSS 3.0
9.8
EPSS
0.6%
EPSS 0% CVSS 7.5
HIGH POC This Week

Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Cygwin
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Cygwin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy