Every CVE whose affected-product data names Gnu Screen, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2003-0972 — CVSS 10.0 (critical): Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code…
CVE-2020-9366 — CVSS 9.8 (critical): A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special…
CVE-2021-26937 — CVSS 9.8 (critical): encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or…
CVE-2017-5618 — CVSS 7.8 (high): GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking…
CVE-2007-3048 — CVSS 7.2 (high): GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report…
CVE-2023-24626 — CVSS 6.5 (medium): socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows…
CVE-2009-1214 — CVSS 4.9 (medium): GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain…
CVE-2002-1602 — CVSS 4.6 (medium): Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.
CVE-2006-4573 — CVSS 2.6 (low): Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before…