Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zsh zsh vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-0502
An issue exists in zsh prior to 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Zsh Zsh
668
VMScore
CVE-2018-13259
An issue exists in zsh prior to 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Zsh Zsh
409
VMScore
CVE-2014-10070
zsh prior to 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in priv...
Zsh Project Zsh
668
VMScore
CVE-2016-10714
In zsh prior to 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
Zsh Zsh
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
668
VMScore
CVE-2018-7548
In subst.c in zsh up to and including 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
Zsh Zsh
Canonical Ubuntu Linux 17.10
409
VMScore
CVE-2007-6209
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Zsh Zsh 4.3.4
475
VMScore
CVE-2005-4158
Sudo prior to 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as librar...
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.8 P9
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.3 P7
3 EDB exploits
409
VMScore
CVE-2002-1476
Buffer overflow in setlocale in libc on NetBSD 1.4.x up to and including 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local malicious users to execute arbitrary code via a user-controlled locale string that has more than 6 elements, whic...
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.5
Netbsd Netbsd 1.6
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2