Vulmon
apple terminal vulnerabilities and exploits
8.8
CVSSv3
CVE-2018-4106
An issue exists in certain Apple products. macOS prior to 10.13.4 is affected. The issue involves the Bracketed Paste Mode of the "Terminal" component. It allows user-assisted malicious users to inject arbitrary commands within pasted content.
Apple Mac Os X
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
6.5
CVSSv3
CVE-2019-20503
usrsctp prior to 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Usrsctp Project Usrsctp
1 Article
5.6
CVSSv3
CVE-2018-3640
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var...
Intel Xeon E7 8870
Intel Xeon E7 8867l
Intel Xeon E7 8860
Intel Xeon E7 8850
Intel Xeon E7 8837
Intel Xeon E7 8830
Intel Xeon E7 4870
Intel Xeon E7 4860
Intel Xeon E7 4850
Intel Xeon E7 4830
Intel Xeon E7 4820
Intel Xeon E7 4807
Intel Xeon E7 2870
Intel Xeon E7 2860
Intel Xeon E7 2850
Intel Xeon E7 2830
Intel Xeon E7 2820
Intel Xeon E7 2803
Intel Xeon E7 8894 V4
Intel Xeon E7 8893 V4
Intel Xeon E7 8891 V4
Intel Xeon E7 8890 V4
3 Github repositories
4 Articles
5.5
CVSSv3
CVE-2016-4755
Terminal in Apple OS X prior to 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors.
Apple Mac Os X
NA
CVE-2015-5883
The bidirectional text-display and text-selection implementations in Terminal in Apple OS X prior to 10.11 interpret directional override formatting characters differently, which allows remote malicious users to spoof the content of a text document via a crafted character sequenc...
Apple Mac Os X
NA
CVE-2013-1776
sudo 1.3.5 up to and including 1.7.10 and 1.8.0 up to and including 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vector...
Apple Mac Os X
Todd Miller Sudo 1.8.4p5
Todd Miller Sudo 1.8.4p1
Todd Miller Sudo 1.8.5
Todd Miller Sudo 1.8.4
Todd Miller Sudo 1.8.4p3
Todd Miller Sudo 1.8.3p2
Todd Miller Sudo 1.8.4p2
Todd Miller Sudo 1.8.1p2
Todd Miller Sudo 1.8.4p4
Todd Miller Sudo 1.8.2
Todd Miller Sudo 1.8.3p1
Todd Miller Sudo 1.8.1p1
Todd Miller Sudo 1.8.1
Todd Miller Sudo 1.8.3
Todd Miller Sudo 1.8.0
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.6.1
NA
CVE-2013-2776
sudo 1.3.5 up to and including 1.7.10p5 and 1.8.0 up to and including 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissi...
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.9p22
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.10
Todd Miller Sudo 1.7.5
Todd Miller Sudo 1.7.8p1
Todd Miller Sudo 1.7.7
Todd Miller Sudo 1.7.4p5
Todd Miller Sudo 1.7.6
Todd Miller Sudo 1.6.5
NA
CVE-2013-2777
sudo prior to 1.7.10p5 and 1.8.x prior to 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session w...
Apple Mac Os X
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.10p2
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.9p22
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.10
Todd Miller Sudo 1.7.5
Todd Miller Sudo 1.7.8p1
Todd Miller Sudo 1.7.7
NA
CVE-2013-1775
sudo 1.6.0 up to and including 1.7.10p6 and sudo 1.8.0 up to and including 1.8.6p6 allows local users or physically proximate malicious users to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp t...
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.9p22
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.9
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.7p5
Todd Miller Sudo 1.6.9p23
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.9p21
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.8p12
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.2p3
Todd Miller Sudo 1.8.4p5
Todd Miller Sudo 1.8.5p3
Todd Miller Sudo 1.8.4p1
2 EDB exploits
1 Github repository