Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
9
CVSSv2
CVE-2022-32268
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-roo...
Starwindsoftware Starwind San \\& Nas 0.2
9
CVSSv2
CVE-2021-42165
MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path".
Mitrastar Gpt-2541gnac-n1 Firmware Br G3.5 100vnz0b33
1 Github repository
9
CVSSv2
CVE-2021-37158
An issue exists in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated attacker could inject OS commands by starting a Counter-Strike server and using the map field to enter a Bash command.
Opengamepanel Opengamepanel
9
CVSSv2
CVE-2019-19041
An issue exists in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be ex...
Xorur Lpar2rrd 6.11
Xorur Stor2rrd 2.61
1 Github repository
9
CVSSv2
CVE-2019-16103
Silver Peak EdgeConnect SD-WAN prior to 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature.
Silver-peak Unity Edgeconnect Sd-wan Firmware 8.1.4.9 65644
9
CVSSv2
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware prior to 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
Dell Idrac7 Firmware
Dell Idrac8 Firmware
8.5
CVSSv2
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions before 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user runn...
Gradle Gradle
7.9
CVSSv2
CVE-2019-9146
Jamf Self Service 10.9.0 allows man-in-the-middle malicious users to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream.
Jamf Self Service 10.9.0
7.8
CVSSv2
CVE-2014-3368
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote malicious users to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507.
Cisco Telepresence Video Communication Server Software
Cisco Expressway Software
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »