Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23777
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged malicious user to execute arbitrary bash commands ...
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2023-34111
The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of `${{ github.event.pull_request.title }}` in a bash co...
Tdengine Grafana
NA
CVE-2023-33294
An issue exists in KaiOS 3.0 prior to 3.1. The /system/bin/tctweb_server binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted...
Kaiostech Kaios 3.0
Kaiostech Kaios 3.1
NA
CVE-2023-30623
`embano1/wip` is a GitHub Action written in Bash. Prior to version 2, the `embano1/wip` action uses the `github.event.pull_request.title` parameter in an insecure way. The title parameter is used in a run statement - resulting in a command injection vulnerability due to string in...
Wip Project Wip
NA
CVE-2023-30621
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions before 1.3 users can run command on the host machine with sudoer permission. The `!ping` command when provided with an IP or hostname used to run a bash `ping <IP>` wi...
Gipsy Project Gipsy
NA
CVE-2023-26068
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
Lexmark Cxtpc Firmware
Lexmark Cstpc Firmware
Lexmark Mxtct Firmware
Lexmark Mxtpm Firmware
Lexmark Cxtmm Firmware
Lexmark Mslsg Firmware
Lexmark Mxlsg Firmware
Lexmark Mslbd Firmware
Lexmark Mxlbd Firmware
Lexmark Msngm Firmware
Lexmark Mxngm Firmware
Lexmark Mxtgm Firmware
Lexmark Msngw Firmware
Lexmark Mstgw Firmware
Lexmark Mxtgw Firmware
Lexmark Cslbn Firmware
Lexmark Cslbl Firmware
Lexmark Cxlbn Firmware
Lexmark Cxlbl Firmware
Lexmark Csnzj Firmware
Lexmark Cxtzj Firmware
Lexmark Cxnzj Firmware
NA
CVE-2023-26067
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
Lexmark Cxtpc Firmware
Lexmark Cstpc Firmware
Lexmark Mxtct Firmware
Lexmark Mxtpm Firmware
Lexmark Cxtmm Firmware
Lexmark Mslsg Firmware
Lexmark Mxlsg Firmware
Lexmark Mslbd Firmware
Lexmark Mxlbd Firmware
Lexmark Msngm Firmware
Lexmark Mxngm Firmware
Lexmark Mxtgm Firmware
Lexmark Msngw Firmware
Lexmark Mstgw Firmware
Lexmark Mxtgw Firmware
Lexmark Cslbn Firmware
Lexmark Cslbl Firmware
Lexmark Cxlbn Firmware
Lexmark Cxlbl Firmware
Lexmark Csnzj Firmware
Lexmark Cxtzj Firmware
Lexmark Cxnzj Firmware
2 Github repositories
NA
CVE-2022-3715
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
Gnu Bash
Redhat Enterprise Linux 9.0
2 Github repositories
NA
CVE-2022-44794
An issue exists in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote malicious user to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary d...
Objectfirst Object First
NA
CVE-2022-40929
XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case (running arbitrary Bash scripts on behalf of users).
Xuxueli Xxl-job 2.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »