Tats

tats

40 CVEs • 1 product

Products (1)

Click to collapse

Toggle

W3m

w3m

40 CVEs

CVEs (40)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-4255 2Fedoraproject Tats 3Extra Packages For Enterprise Linux FedoraW3m Nov 21, 2024 Dec 21, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to th...Show more An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.Show less
CVE-2023-38253 3Fedoraproject RedhatTats 4Enterprise Linux Extra Packages For Enterprise LinuxFedora+1 more Nov 21, 2024 Jul 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVE-2023-38252 3Fedoraproject RedhatTats 4Enterprise Linux Extra Packages For Enterprise LinuxFedora+1 more Feb 8, 2025 Jul 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVE-2022-38223 2Fedoraproject Tats 2Fedora W3m Nov 4, 2025 Aug 15, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecif...Show more There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.Show less
CVE-2018-6198 2Canonical Tats 2Ubuntu Linux W3m Nov 21, 2024 Jan 25, 2018 N/A· v4 4.7 MEDIUM· v3 3.3 LOW· v2 w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
CVE-2018-6197 2Canonical Tats 2Ubuntu Linux W3m Nov 21, 2024 Jan 25, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
CVE-2018-6196 2Canonical Tats 2Ubuntu Linux W3m Nov 21, 2024 Jan 25, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
CVE-2016-9436 3Opensuse Opensuse ProjectTats 3Leap LeapW3m May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
CVE-2016-9435 3Opensuse Opensuse ProjectTats 3Leap LeapW3m May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
CVE-2016-9633 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
CVE-2016-9632 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
CVE-2016-9631 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9630 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
CVE-2016-9629 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9628 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9627 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.
CVE-2016-9626 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
CVE-2016-9625 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
CVE-2016-9624 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9623 1Tats 1W3m May 6, 2026 Dec 12, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.

12 Next