Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2024-25004

KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.

  • Published: Feb 9, 2024
  • Updated: Feb 15, 2024
  • CVE: CVE-2024-25004
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
9bis / kitty - 0.76.1.13.x