Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7523 | 1 Cygwin | 1 Cygwin | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string. | |||||
CVE-2016-3067 | 1 Cygwin | 1 Cygwin | 2017-04-27 | 7.5 HIGH | 9.8 CRITICAL |
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. |