VYPR
Vendor

Invisible Island

Products
4
CVEs
6
Across products
6
Status
Private

Products

4

Recent CVEs

6
  • CVE-2005-3120CriOct 17, 2005
    risk 0.69cvss 9.8epss 0.23

    Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.

  • CVE-2022-45063CriNov 10, 2022
    risk 0.65cvss 9.8epss 0.05

    xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.

  • CVE-2017-20229CriMar 28, 2026
    risk 0.64cvss 9.8epss 0.01

    MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a…

  • CVE-2025-69720HigMar 19, 2026
    risk 0.47cvss 7.3epss 0.00

    The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

  • CVE-2006-7236Jan 2, 2009
    risk 0.04cvss epss 0.07

    The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.

  • CVE-2008-2383Jan 2, 2009
    risk 0.00cvss epss 0.05

    CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and…