Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fish fish vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-3219
fish prior to 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
Fishshell Fish
Fedoraproject Fedora 19
4.3
CVSSv2
CVE-2013-7049
Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as used in ZNC for Windows (znc-msvc) 0.206 and previous versions, allows remote malicious users to cause a denial of service (crash) via a long string in a DH1080_INIT message.
Znc Znc-msvc
Znc Znc-msvc 0.076
Znc Znc-msvc 0.093
Znc Znc-msvc 0.094
Znc Znc-msvc 0.095
Znc Znc-msvc 0.077
Znc Znc-msvc 0.078
Znc Znc-msvc 0.097
Znc Znc-msvc 0.098
Znc Znc-msvc 0.079
Znc Znc-msvc 0.080
Znc Znc-msvc 0.202
Znc Znc-msvc 0.089
Znc Znc-msvc 0.090
4
CVSSv2
CVE-2021-33981
An insecure, direct object vulnerability in hunting/fishing license retrieval function of the "Fish | Hunt FL" iOS app versions 3.8.0 and previous versions allows a remote authenticated malicious user to retrieve other people's personal information and images of th...
Myfwc Fish \\| Hunt Fl
3.6
CVSSv2
CVE-2012-2451
The Config::IniFiles module prior to 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that th...
Shlomi Fish Config-inifiles
2.1
CVSSv2
CVE-2020-12755
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras up to and including 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.
Kde Kio-extras
2.1
CVSSv2
CVE-2012-2068
Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module prior to 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) node_title or (2) nodeque...
Tiger-fish Fancy Slide 6.x-2.2
Tiger-fish Fancy Slide
Tiger-fish Fancy Slide 6.x-2.x
Tiger-fish Fancy Slide 6.x-2.5
Tiger-fish Fancy Slide 6.x-2.4
1.9
CVSSv2
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2024-29791
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a up to and including 2.01.
NA
CVE-2023-49284
fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wildcards and expansions. It will incorrectly allow these markers to be read on command substitution output, ra...
Fishshell Fish
NA
CVE-2023-45065
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <= 1.42 versions.
Madfishdigital Bulk Noindex \\& Nofollow Toolkit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »