6.0 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:gnu:ncurses:6.0:*:*:*:*:*:*:*

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2017-16879	787	DoS Exec Code Overflow	2017-11-22	2021-06-29	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.
2	CVE-2017-13734	119	DoS Overflow	2017-08-29	2018-10-21	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
3	CVE-2017-13733	119	DoS Overflow	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
4	CVE-2017-13732	119	DoS Overflow	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
5	CVE-2017-13731	119	DoS Overflow	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
6	CVE-2017-13730	119	DoS Overflow	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
7	CVE-2017-13729	119	DoS Overflow	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
8	CVE-2017-13728	835	DoS	2017-08-29	2021-06-29	4.3	None	Remote	Medium	Not required	None	None	Partial
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
9	CVE-2017-11113	476	DoS	2017-07-08	2019-05-06	5.0	None	Remote	Low	Not required	None	None	Partial
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
10	CVE-2017-11112	20	DoS	2017-07-08	2018-10-21	5.0	None	Remote	Low	Not required	None	None	Partial
In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
11	CVE-2017-10685	134	Exec Code	2017-06-29	2019-10-03	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
12	CVE-2017-10684	119	Exec Code Overflow	2017-06-29	2021-06-29	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.

Total number of vulnerabilities : 12 Page : 1 (This Page)