Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fish fish vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-1397
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote malicious users to execute arbitrary code via long strings.
Fish Fish
2 EDB exploits
10
CVSSv2
CVE-2001-0247
Buffer overflows in BSD-based FTP servers allows remote malicious users to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
Mit Kerberos 5 1.2.1
Mit Kerberos 5 1.2.2
Sgi Irix 6.5.3
Sgi Irix 6.5.3f
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.5
Sgi Irix 6.5.6
Mit Kerberos 5 1.1.1
Sgi Irix 6.1
Sgi Irix 6.5.3m
Sgi Irix 6.5.4
Mit Kerberos 5 1.2
Sgi Irix 6.5.11
Sgi Irix 6.5.2m
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Freebsd Freebsd 2.2
Freebsd Freebsd 3.1
Freebsd Freebsd 2.2.5
Freebsd Freebsd 2.2.6
Freebsd Freebsd 3.5
3 EDB exploits
7.5
CVSSv2
CVE-2014-2914
fish (aka fish-shell) 2.0.0 prior to 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.
Fishshell Fish
7.5
CVSSv2
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and previous versions can allow an malicious user to gain privileges via format strings in the original filename that is stored in an encrypted file.
Gnu Privacy Guard 7.1
Gnu Privacy Guard 7.2
Gnu Privacy Guard 8.0
1 EDB exploit
7.2
CVSSv2
CVE-2000-1125
restore 0.4b15 and previous versions in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
Redhat Linux 6.2e
Redhat Linux 6.2
3 EDB exploits
6.9
CVSSv2
CVE-2014-2905
fish (aka fish-shell) 1.16.0 prior to 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions.
Fishshell Fish 1.16.0
Fishshell Fish 2.0.0
6.8
CVSSv2
CVE-2022-20001
fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration ...
Fishshell Fish
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 11.0
5
CVSSv2
CVE-2021-33982
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and previous versions, which allows a remote malicious user to reuse, spoof, or steal other user and admin sessions.
Myfwc Fish \\| Hunt Fl
4.4
CVSSv2
CVE-2014-2906
The psub function in fish (aka fish-shell) 1.16.0 prior to 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
Fishshell Fish
4.4
CVSSv2
CVE-2014-3856
The funced function in fish (aka fish-shell) 1.23.0 prior to 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
Fishshell Fish
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »