Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu ed vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3916
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed prior to 1.0 allows context-dependent or user-assisted malicious users to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue on...
Gnu Ed 0.3
Gnu Ed 0.7
Gnu Ed 0.6
Gnu Ed 0.4
Gnu Ed 0.2
Gnu Ed 0.9
Gnu Ed 0.5
Gnu Ed 0.8
NA
CVE-2000-1137
GNU ed prior to 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
Gnu Ed 2.18
Gnu Ed 2.16tr
Gnu Ed 2.15
Gnu Ed 2.18.0
NA
CVE-2006-6939
GNU ed prior to 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
Gnu Ed
7.5
CVSSv3
CVE-2017-5357
regex.c in GNU ed prior to 1.14.1 allows malicious users to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
Fedoraproject Fedora 25
Gnu Ed
7.8
CVSSv3
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
7.5
CVSSv3
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
5.5
CVSSv3
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
5.9
CVSSv3
CVE-2019-13636
In GNU patch up to and including 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Gnu Patch
1 Github repository
7.8
CVSSv3
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
7.8
CVSSv3
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.2
Freebsd Freebsd 10.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »