Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fish fish vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-1397
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote malicious users to execute arbitrary code via long strings.
Fish Fish
2 EDB exploits
2.1
CVSSv2
CVE-2012-2068
Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module prior to 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) node_title or (2) nodeque...
Tiger-fish Fancy Slide 6.x-2.2
Tiger-fish Fancy Slide
Tiger-fish Fancy Slide 6.x-2.x
Tiger-fish Fancy Slide 6.x-2.5
Tiger-fish Fancy Slide 6.x-2.4
6.9
CVSSv2
CVE-2014-2905
fish (aka fish-shell) 1.16.0 prior to 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions.
Fishshell Fish 1.16.0
Fishshell Fish 2.0.0
7.5
CVSSv2
CVE-2014-2914
fish (aka fish-shell) 2.0.0 prior to 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.
Fishshell Fish
NA
CVE-2023-49284
fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, ra...
Fishshell Fish
4.4
CVSSv2
CVE-2014-2906
The psub function in fish (aka fish-shell) 1.16.0 prior to 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
Fishshell Fish
4.4
CVSSv2
CVE-2014-3856
The funced function in fish (aka fish-shell) 1.23.0 prior to 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
Fishshell Fish
3.6
CVSSv2
CVE-2012-2451
The Config::IniFiles module prior to 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that th...
Shlomi Fish Config-inifiles
4
CVSSv2
CVE-2021-33981
An insecure, direct object vulnerability in hunting/fishing license retrieval function of the "Fish | Hunt FL" iOS app versions 3.8.0 and previous versions allows a remote authenticated malicious user to retrieve other people's personal information and images of th...
Myfwc Fish \\| Hunt Fl
5
CVSSv2
CVE-2021-33982
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and previous versions, which allows a remote malicious user to reuse, spoof, or steal other user and admin sessions.
Myfwc Fish \\| Hunt Fl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »