Filtered by vendor Tats
Subscriptions
Filtered by product W3m
Subscriptions
Total
40 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-4255 | 2 Fedoraproject, Tats | 3 Extra Packages For Enterprise Linux, Fedora, W3m | 2024-11-21 | 5.5 Medium |
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. | ||||
CVE-2023-38253 | 3 Fedoraproject, Redhat, Tats | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 4.7 Medium |
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | ||||
CVE-2023-38252 | 3 Fedoraproject, Redhat, Tats | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 4.7 Medium |
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | ||||
CVE-2022-38223 | 2 Fedoraproject, Tats | 2 Fedora, W3m | 2024-11-21 | 7.8 High |
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. | ||||
CVE-2018-6198 | 2 Canonical, Tats | 2 Ubuntu Linux, W3m | 2024-11-21 | N/A |
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. | ||||
CVE-2018-6197 | 2 Canonical, Tats | 2 Ubuntu Linux, W3m | 2024-11-21 | N/A |
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | ||||
CVE-2018-6196 | 2 Canonical, Tats | 2 Ubuntu Linux, W3m | 2024-11-21 | N/A |
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. | ||||
CVE-2016-9633 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page. | ||||
CVE-2016-9632 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | ||||
CVE-2016-9631 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9630 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | ||||
CVE-2016-9629 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9628 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9627 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page. | ||||
CVE-2016-9626 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||||
CVE-2016-9625 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||||
CVE-2016-9624 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9623 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9622 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||||
CVE-2016-9443 | 1 Tats | 1 W3m | 2024-11-21 | N/A |
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. |