Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu ed vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-3916
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed prior to 1.0 allows context-dependent or user-assisted malicious users to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue on...
Gnu Ed 0.7
Gnu Ed 0.8
Gnu Ed 0.5
Gnu Ed 0.6
Gnu Ed 0.3
Gnu Ed 0.4
Gnu Ed 0.2
Gnu Ed 0.9
4.6
CVSSv2
CVE-2000-1137
GNU ed prior to 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
Gnu Ed 2.15
Gnu Ed 2.16tr
Gnu Ed 2.18
Gnu Ed 2.18.0
4.6
CVSSv2
CVE-2006-6939
GNU ed prior to 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
Gnu Ed
5
CVSSv2
CVE-2017-5357
regex.c in GNU ed prior to 1.14.1 allows malicious users to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
Fedoraproject Fedora 25
Gnu Ed
9.3
CVSSv2
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
5
CVSSv2
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
4.3
CVSSv2
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
5.8
CVSSv2
CVE-2019-13636
In GNU patch up to and including 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Gnu Patch
1 Github repository
9.3
CVSSv2
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
9.3
CVSSv2
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »