Skip to main content

Rxvt Unicode

3 CVEs product

Monthly

CVE-2022-4170 CRITICAL Act Now

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rxvt Unicode Extra Packages For Enterprise Linux Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-33477 HIGH POC PATCH This Week

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Eterm Mrxvt Rxvt Unicode Rxvt +2
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2014-3121 HIGH This Week

rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Rxvt Unicode
NVD
CVSS 2.0
7.6
EPSS
3.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rxvt Unicode Extra Packages For Enterprise Linux +1
NVD
EPSS 4% CVSS 8.8
HIGH POC PATCH This Week

rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Eterm Mrxvt +4
NVD
EPSS 3% CVSS 7.6
HIGH This Week

rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Rxvt Unicode
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy