Filtered by vendor Lynx
Subscriptions
Filtered by product Lynx
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7234 | 2 Lynx, Redhat | 2 Lynx, Enterprise Linux | 2024-08-07 | N/A |
| Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. | ||||
| CVE-2008-4690 | 2 Lynx, Redhat | 2 Lynx, Enterprise Linux | 2024-08-07 | N/A |
| lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler. | ||||
| CVE-2010-2810 | 1 Lynx | 1 Lynx | 2024-08-07 | N/A |
| Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name. | ||||
| CVE-2012-5821 | 2 Canonical, Lynx | 2 Ubuntu Linux, Lynx | 2024-08-06 | 5.9 Medium |
| Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function. | ||||
| CVE-2016-9179 | 1 Lynx | 1 Lynx | 2024-08-06 | N/A |
| lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host. | ||||
Page 1 of 1.