cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-24626,https://securityvulnerability.io/vulnerability/CVE-2023-24626,Local Privilege Escalation in GNU Screen on Arch Linux and FreeBSD,"A vulnerability in GNU Screen occurs due to improper handling of the setuid and setgid settings, particularly on systems like Arch Linux and FreeBSD. Local users can exploit this weakness to send a SIGHUP signal to any process ID, potentially leading to denial of service or disruption of the target applications. This raises significant concerns about the integrity of software behavior when running in privileged modes, allowing for unauthorized process manipulation.",Gnu,Screen,6.5,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-04-08T05:15:00.000Z,0
CVE-2021-26937,https://securityvulnerability.io/vulnerability/CVE-2021-26937,Denial of Service Vulnerability in GNU Screen By GNU,"The vulnerability allows remote attackers to exploit GNU Screen versions through crafted UTF-8 character sequences, leading to invalid write access. This can result in application crashes and potential disruption of service. The issue arises from improper handling of character input in encoding.c, which can cause instability and shutdowns in applications using this terminal multiplexer. Users are advised to upgrade to the latest patched version to mitigate risk.",Gnu,Screen,9.8,CRITICAL,0.023310000076889992,false,,false,false,false,,,false,false,,2021-02-09T19:35:50.000Z,0
CVE-2020-9366,https://securityvulnerability.io/vulnerability/CVE-2020-9366,Buffer Overflow in GNU Screen Affects Users,"A buffer overflow vulnerability exists in GNU Screen prior to version 4.8.0 due to improper handling of the OSC 49 escape sequence. This flaw can result in memory corruption, potentially leading to application crashes and other unpredictable behaviors. Maliciously crafted outputs or programs can exploit this vulnerability, compromising system stability.",Gnu,Screen,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2020-02-24T16:20:15.000Z,0
CVE-2017-5618,https://securityvulnerability.io/vulnerability/CVE-2017-5618,,GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.,Gnu,Screen,7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2017-03-20T16:00:00.000Z,0
CVE-2015-6806,https://securityvulnerability.io/vulnerability/CVE-2015-6806,,"The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value.",Gnu,Gnu Screen,,,0.13728000223636627,false,,false,false,false,,,false,false,,2015-09-28T20:00:00.000Z,0
CVE-2009-1214,https://securityvulnerability.io/vulnerability/CVE-2009-1214,,"GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.",Gnu,Screen,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2009-04-01T10:00:00.000Z,0
CVE-2009-1215,https://securityvulnerability.io/vulnerability/CVE-2009-1215,,Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.,Gnu,Gnu Screen,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2009-04-01T10:00:00.000Z,0
CVE-2007-3048,https://securityvulnerability.io/vulnerability/CVE-2007-3048,,GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue,Gnu,Screen,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2007-06-05T23:30:00.000Z,0
CVE-2006-4573,https://securityvulnerability.io/vulnerability/CVE-2006-4573,,"Multiple unspecified vulnerabilities in the ""utf8 combining characters handling"" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.",Gnu,Screen,,,0.02020999975502491,false,,false,false,false,,,false,false,,2006-10-24T18:00:00.000Z,0
CVE-2003-0972,https://securityvulnerability.io/vulnerability/CVE-2003-0972,,"Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of "";"" (semicolon) characters in escape sequences, which leads to a buffer overflow.",Gnu,Screen,,,0.0027799999807029963,false,,false,false,false,,,false,false,,2003-12-15T05:00:00.000Z,0
CVE-2002-1602,https://securityvulnerability.io/vulnerability/CVE-2002-1602,,"Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.",Gnu,Screen,,,0.0013800000306218863,false,,false,false,false,,,false,false,,2002-04-23T04:00:00.000Z,0