VYPR

W3m

by Tats

Source repositories

CVEs (42)

  • CVE-2016-9622MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9443MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9442MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.

  • CVE-2016-9441MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9440MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9439MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

  • CVE-2016-9438MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9437MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.

  • CVE-2016-9434MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2016-9433MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.

  • CVE-2016-9432MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page.

  • CVE-2016-9431MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

  • CVE-2016-9430MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

  • CVE-2001-0700Sep 20, 2001
    risk 0.04cvss epss 0.13

    Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.

  • CVE-2023-4255Dec 21, 2023
    risk 0.00cvss epss 0.00

    An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to…

  • CVE-2023-38253Jul 14, 2023
    risk 0.00cvss epss 0.00

    An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

  • CVE-2023-38252Jul 14, 2023
    risk 0.00cvss epss 0.00

    An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

  • CVE-2022-38223Aug 15, 2022
    risk 0.00cvss epss 0.00

    There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

  • CVE-2018-6197HigJan 25, 2018
    risk 0.00cvss 7.5epss 0.04

    w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.

  • CVE-2018-6196HigJan 25, 2018
    risk 0.00cvss 7.5epss 0.03

    w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.