Skip to main content

Screen

4 CVEs product

Monthly

CVE-2023-24626 MEDIUM POC PATCH This Month

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID,. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Screen
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-26937 CRITICAL POC Act Now

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Screen Debian Linux Fedora
NVD
CVSS 3.1
9.8
EPSS
9.1%
CVE-2020-9366 CRITICAL PATCH Act Now

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Screen
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2017-5618 HIGH POC PATCH This Week

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Screen
NVD
CVSS 3.0
7.8
EPSS
3.0%
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID,. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Screen
NVD Exploit-DB
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Screen Debian Linux +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Screen
NVD
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Screen
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy