Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 29 results


CVE-2021-39537

Negligible priority

Some fixes available 4 of 5

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Fixed Fixed Fixed
Show less packages

CVE-2019-17595

Negligible priority

Some fixes available 10 of 12

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-17594

Negligible priority

Some fixes available 10 of 12

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-15548

Medium priority
Vulnerable

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled.

1 affected packages

rust-ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rust-ncurses Not in release Vulnerable Vulnerable Not in release Not in release
Show less packages

CVE-2019-15547

Medium priority
Vulnerable

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled.

1 affected packages

rust-ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rust-ncurses Not in release Vulnerable Vulnerable Not in release Not in release
Show less packages

CVE-2018-19217

Low priority
Fixed

** DISPUTED ** In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did...

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Not affected Not affected Fixed
Show less packages

CVE-2018-19211

Low priority
Fixed

In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*'...

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Not affected Fixed Fixed
Show less packages

CVE-2017-16879

Negligible priority

Some fixes available 2 of 4

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as...

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-13734

Negligible priority

Some fixes available 2 of 4

There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-13733

Negligible priority

Some fixes available 2 of 4

There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.

1 affected packages

ncurses

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ncurses Not affected Not affected Not affected Fixed
Show less packages