Skip to main content

Xterm

2 CVEs product

Monthly

CVE-2023-40359 CRITICAL Act Now

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xterm
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-27135 CRITICAL PATCH Act Now

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Denial Of Service Xterm Debian Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
7.5%
EPSS 1% CVSS 9.8
CRITICAL Act Now

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xterm
NVD
EPSS 8% CVSS 9.8
CRITICAL PATCH Act Now

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Denial Of Service Xterm +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy