Thomas E. Dickey

2 exploits Active since Nov 2017

CVE-2017-1000211 WRITEUP MEDIUM WRITEUP

Lynx < 2.8.9dev.16 - Use-After-Free in HTML Parser

Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

CVSS 5.3

View Code

CVE-2021-27135 WRITEUP CRITICAL WRITEUP

xterm < 366 - Remote Code Execution via UTF-8 Combining Character Sequence

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.

CVSS 9.8

View Code