Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

zsh project zsh vulnerabilities and exploits

(subscribe to this query)
7.8
CVSSv3
CVE-2014-10070
zsh prior to 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in priv...
Zsh Project Zsh
5.5
CVSSv3
CVE-2022-24725
Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the `escape` or `escapeAll` functions from the _shescape_ API with the `interpolation` option set to `true`. Other...
Shescape Project Shescape
6.4
CVSSv3
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and previous versions is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo
NA
CVE-2014-627729
CHARQITO_NET El charqito net GNU Bash o simplemente Bash (Bourne-again shell) es una interfaz de usuario de línea de comandos popular, específicamente un shell de Unix; así como un lenguaje de scripting. Bash fue originalmente escrito por Brian Fox para el si...
NA
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2Gnu Bash 1.14.3Gnu Bash 2.01.1Gnu Bash 2.02Gnu Bash 3.0Gnu Bash 3.0.16Gnu Bash 4.3Gnu Bash 1.14.6Gnu Bash 1.14.7Gnu Bash 2.04Gnu Bash 2.05Gnu Bash 3.2.48Gnu Bash 4.0Gnu Bash 1.14.0Gnu Bash 1.14.1Gnu Bash 2.0Gnu Bash 2.01Gnu Bash 4.1Gnu Bash 4.2Gnu Bash 1.14.4Gnu Bash 1.14.5Gnu Bash 2.02.1
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1Tukaani Xz 5.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710arbitrary CVE-2024-5272CVE-2024-2961brute forceremoteCVE-2024-32944CVE-2024-36241CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook