Terminal
by Apple Inc.
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-37136 | Hig | 0.49 | 7.5 | 0.00 | Feb 5, 2026 | ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when… | ||
| CVE-2002-1898 | 0.03 | — | 0.03 | Dec 31, 2002 | Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window. | |||
| CVE-2015-5883 | 0.00 | — | 0.02 | Oct 9, 2015 | The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence. | |||
| CVE-2011-0189 | 0.00 | — | 0.01 | Mar 23, 2011 | The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities. | |||
| CVE-2009-1717 | 0.00 | — | 0.03 | Jun 5, 2009 | Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based… | |||
| CVE-2008-0042 | 0.00 | — | 0.04 | Feb 12, 2008 | Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes. | |||
| CVE-2005-1342 | 0.00 | — | 0.05 | May 4, 2005 | The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. | |||
| CVE-2005-1341 | 0.00 | — | 0.03 | May 4, 2005 | Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | |||
| CVE-2003-0913 | 0.00 | — | 0.00 | Dec 1, 2003 | Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." |
- risk 0.49cvss 7.5epss 0.00
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when…
- CVE-2002-1898Dec 31, 2002risk 0.03cvss —epss 0.03
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
- CVE-2015-5883Oct 9, 2015risk 0.00cvss —epss 0.02
The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence.
- CVE-2011-0189Mar 23, 2011risk 0.00cvss —epss 0.01
The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities.
- CVE-2009-1717Jun 5, 2009risk 0.00cvss —epss 0.03
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based…
- CVE-2008-0042Feb 12, 2008risk 0.00cvss —epss 0.04
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes.
- CVE-2005-1342May 4, 2005risk 0.00cvss —epss 0.05
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
- CVE-2005-1341May 4, 2005risk 0.00cvss —epss 0.03
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
- CVE-2003-0913Dec 1, 2003risk 0.00cvss —epss 0.00
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."