Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2024-25003

KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.

  • Published: Feb 9, 2024
  • Updated: Feb 15, 2024
  • CVE: CVE-2024-25003
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
9bis / kitty - 0.76.1.13.x