Vendor CVEs
Tats
All CVEs
42 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9429 | Hig | 0.58 | 8.8 | 0.04 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||
| CVE-2016-9428 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||
| CVE-2016-9426 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a… | ||
| CVE-2016-9425 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||
| CVE-2016-9424 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML… | ||
| CVE-2016-9423 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||
| CVE-2016-9422 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute… | ||
| CVE-2016-9436 | Med | 0.43 | 6.5 | 0.03 | Jan 20, 2017 | parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag. | ||
| CVE-2016-9435 | Med | 0.43 | 6.5 | 0.03 | Jan 20, 2017 | The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to tags. | ||
| CVE-2016-9633 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page. | ||
| CVE-2016-9632 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | ||
| CVE-2016-9631 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9630 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | ||
| CVE-2016-9629 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9628 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9627 | Med | 0.42 | 6.5 | 0.03 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page. | ||
| CVE-2016-9626 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||
| CVE-2016-9625 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||
| CVE-2016-9624 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9623 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9622 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9443 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9442 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page. | ||
| CVE-2016-9441 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9440 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9439 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||
| CVE-2016-9438 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9437 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page. | ||
| CVE-2016-9434 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2016-9433 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page. | ||
| CVE-2016-9432 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page. | ||
| CVE-2016-9431 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | ||
| CVE-2016-9430 | Med | 0.42 | 6.5 | 0.02 | Dec 12, 2016 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | ||
| CVE-2001-0700 | 0.04 | — | 0.13 | Sep 20, 2001 | Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header. | |||
| CVE-2023-4255 | 0.00 | — | 0.00 | Dec 21, 2023 | An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to… | |||
| CVE-2023-38253 | 0.00 | — | 0.00 | Jul 14, 2023 | An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | |||
| CVE-2023-38252 | 0.00 | — | 0.00 | Jul 14, 2023 | An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | |||
| CVE-2022-38223 | 0.00 | — | 0.00 | Aug 15, 2022 | There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. | |||
| CVE-2018-6197 | Hig | 0.00 | 7.5 | 0.04 | Jan 25, 2018 | w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | ||
| CVE-2018-6196 | Hig | 0.00 | 7.5 | 0.03 | Jan 25, 2018 | w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. | ||
| CVE-2010-2074 | 0.00 | — | 0.01 | Jun 16, 2010 | istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle… | |||
| CVE-2002-1348 | 0.00 | — | 0.02 | Feb 19, 2003 | w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. |
- risk 0.58cvss 8.8epss 0.04
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a…
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML…
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute…
- risk 0.43cvss 6.5epss 0.03
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag.
- risk 0.43cvss 6.5epss 0.03
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to tags.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.03
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
- CVE-2001-0700Sep 20, 2001risk 0.04cvss —epss 0.13
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.
- CVE-2023-4255Dec 21, 2023risk 0.00cvss —epss 0.00
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to…
- CVE-2023-38253Jul 14, 2023risk 0.00cvss —epss 0.00
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
- CVE-2023-38252Jul 14, 2023risk 0.00cvss —epss 0.00
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
- CVE-2022-38223Aug 15, 2022risk 0.00cvss —epss 0.00
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
- risk 0.00cvss 7.5epss 0.04
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
- risk 0.00cvss 7.5epss 0.03
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
- CVE-2010-2074Jun 16, 2010risk 0.00cvss —epss 0.01
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle…
- CVE-2002-1348Feb 19, 2003risk 0.00cvss —epss 0.02
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.