Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnu patch vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
3.3
CVSSv2
CVE-2014-2524
The _rl_tropen function in util.c in GNU readline prior to 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
Mageia Mageia 4.0
Mageia Mageia 3.0
Gnu Readline 5.2
Gnu Readline 5.1
Gnu Readline 5.0
Gnu Readline 4.3
Gnu Readline
Gnu Readline 6.1
Gnu Readline 4.2
Gnu Readline 4.0
Gnu Readline 2.2
Gnu Readline 2.1
Gnu Readline 6.2
Gnu Readline 6.0
Gnu Readline 4.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 20
10
CVSSv2
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2
Gnu Bash 1.14.3
Gnu Bash 2.01.1
Gnu Bash 2.02
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.3
Gnu Bash 1.14.6
Gnu Bash 1.14.7
Gnu Bash 2.04
Gnu Bash 2.05
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.0
Gnu Bash 1.14.1
Gnu Bash 2.0
Gnu Bash 2.01
Gnu Bash 4.1
Gnu Bash 4.2
Gnu Bash 1.14.4
Gnu Bash 1.14.5
Gnu Bash 2.02.1
3 EDB exploits
3 Github repositories
6.4
CVSSv2
CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch prior to 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
Gnu Patch
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2011-2702
Integer signedness error in Glibc prior to 2.13 and eglibc prior to 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent malicious users to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) me...
Gnu Glibc 2.12.1
Gnu Glibc
Gnu Glibc 2.12
Gnu Eglibc
1 EDB exploit
7.8
CVSSv2
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching prior to 2.7.3 allows remote malicious users to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Gnu Patch
7.1
CVSSv2
CVE-2014-9637
GNU patch 2.7.2 and previous versions allows remote malicious users to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Mageia Mageia 4.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Gnu Patch
5.8
CVSSv2
CVE-2022-29458
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
Gnu Ncurses 6.3
Gnu Ncurses
Apple Macos
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.
Gnu Grub -
2.1
CVSSv2
CVE-2018-20483
set_file_metadata in xattr.c in GNU Wget prior to 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the U...
Gnu Wget
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »