Search CVE reports


Toggle filters

1 – 10 of 10 results


CVE-2023-24809

Medium priority
Needs evaluation

NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the “C” (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-5254

Medium priority
Vulnerable

In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue.

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Not affected Not affected
Show less packages

CVE-2020-5253

Medium priority
Vulnerable

NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2020-5211

Low priority
Vulnerable

In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2020-5214

Low priority
Vulnerable

In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2020-5213

Low priority
Vulnerable

In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2020-5212

Low priority
Vulnerable

In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2020-5210

Low priority
Vulnerable

In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages

CVE-2020-5209

Low priority
Needs evaluation

In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-19905

Low priority
Vulnerable

NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users...

1 affected package

nethack

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nethack Not affected Not affected Vulnerable Vulnerable Not affected
Show less packages