Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2014-3397
The network stack in Cisco TelePresence MCU Software prior to 4.3(2.30) allows remote malicious users to cause a denial of service (memory consumption) via crafted TCP packets, aka Bug ID CSCtz35468.
Cisco Telepresence Mcu Software
7.5
CVSSv2
CVE-2022-2104
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).
Secheron Sepcos Control And Protection Relay Firmware
7.5
CVSSv2
CVE-2022-1388
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reac...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
81 Github repositories
3 Articles
7.5
CVSSv2
CVE-2020-27540
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter and from this configuration is directly inserted into a bash command. Firmware u...
Company Cs-c2shw Firmware 5.0.082.1
7.5
CVSSv2
CVE-2020-11963
IQrouter up to and including 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating t...
Evenroute Iqrouter Firmware
7.5
CVSSv2
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow malicious users to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue ...
Arista Dcs-7050qx-32s-r Firmware 4.20.9m
Arista Dcs-7050cx3-32s-r Firmware 4.20.11m
Arista Dcs-7280sram-48c6-r Firmware 4.22.0.1f
7.5
CVSSv2
CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with t...
Mozilla Firefox
7.5
CVSSv2
CVE-2018-2894
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Oracle Weblogic Server 12.2.1.2.0
Oracle Weblogic Server 12.2.1.3
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
8 Github repositories
1 Article
7.5
CVSSv2
CVE-2018-2943
Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
Oracle Fusion Middleware Mapviewer 12.2.1.3.0
Oracle Fusion Middleware Mapviewer 12.2.1.2.0
1 Article
7.5
CVSSv2
CVE-2018-7739
antsle antman prior to 0.9.1a allows remote malicious users to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web...
Antsle Antman
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »