Vulnerabilities (CVE)

Filtered by vendor Tats Subscribe
Total 40 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-9438 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9437 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
CVE-2016-9436 3 Opensuse, Opensuse Project, Tats 3 Leap, Leap, W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
CVE-2016-9435 3 Opensuse, Opensuse Project, Tats 3 Leap, Leap, W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
CVE-2016-9434 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9433 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.
CVE-2016-9432 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (memory corruption, segmentation fault, and crash) via a crafted HTML page.
CVE-2016-9431 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
CVE-2016-9430 1 Tats 1 W3m 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
CVE-2016-9429 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
CVE-2016-9428 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
CVE-2016-9426 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page.
CVE-2016-9425 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
CVE-2016-9424 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page.
CVE-2016-9423 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
CVE-2016-9422 1 Tats 1 W3m 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page.
CVE-2023-4255 2 Fedoraproject, Tats 3 Extra Packages For Enterprise Linux, Fedora, W3m 2024-03-27 N/A 5.5 MEDIUM
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
CVE-2023-38253 3 Fedoraproject, Redhat, Tats 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more 2024-03-27 N/A 5.5 MEDIUM
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVE-2023-38252 3 Fedoraproject, Redhat, Tats 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more 2024-03-27 N/A 5.5 MEDIUM
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVE-2022-38223 2 Fedoraproject, Tats 2 Fedora, W3m 2024-03-27 N/A 7.8 HIGH
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.