Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cygwin Subscribe
Filtered by product Cygwin
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7523 1 Cygwin 1 Cygwin 2019-10-09 5.0 MEDIUM 7.5 HIGH
Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string.
CVE-2016-3067 1 Cygwin 1 Cygwin 2017-04-27 7.5 HIGH 9.8 CRITICAL
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.