Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu patch vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 prior to 10.2-RC1-p1, 10.2 prior to 10.2-BETA2-p2, and 10.1 prior to 10.1-RELEASE-p16; Bitrig; GNU patch prior to 2.2.5; and possibly other patch variants allow remote malicious users to execute arbitrary shell commands via a cra...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.0
Freebsd Freebsd 10.2
7.8
CVSSv3
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
5.5
CVSSv3
CVE-2014-9637
GNU patch 2.7.2 and previous versions allows remote malicious users to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Mageia Mageia 4.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Gnu Patch
7.5
CVSSv3
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching prior to 2.7.3 allows remote malicious users to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Gnu Patch
9.8
CVSSv3
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
NA
CVE-2015-1197
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
Gnu Cpio 2.11
1 Metasploit module
1 Article
NA
CVE-2015-1196
GNU patch 2.7.1 allows remote malicious users to write to arbitrary files via a symlink attack in a patch file.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Oracle Solaris 11.2
Gnu Patch 2.7.1
NA
CVE-2011-2702
Integer signedness error in Glibc prior to 2.13 and eglibc prior to 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent malicious users to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) me...
Gnu Glibc 2.12.1
Gnu Glibc
Gnu Glibc 2.12
Gnu Eglibc
1 EDB exploit
NA
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2
Gnu Bash 1.14.3
Gnu Bash 2.01.1
Gnu Bash 2.02
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.3
Gnu Bash 1.14.6
Gnu Bash 1.14.7
Gnu Bash 2.04
Gnu Bash 2.05
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.0
Gnu Bash 1.14.1
Gnu Bash 2.0
Gnu Bash 2.01
Gnu Bash 4.1
Gnu Bash 4.2
Gnu Bash 1.14.4
Gnu Bash 1.14.5
Gnu Bash 2.02.1
3 EDB exploits
4 Github repositories
NA
CVE-2014-2524
The _rl_tropen function in util.c in GNU readline prior to 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
Mageia Mageia 4.0
Mageia Mageia 3.0
Gnu Readline 5.2
Gnu Readline 5.1
Gnu Readline 5.0
Gnu Readline 4.3
Gnu Readline
Gnu Readline 6.1
Gnu Readline 4.2
Gnu Readline 4.0
Gnu Readline 2.2
Gnu Readline 2.1
Gnu Readline 6.2
Gnu Readline 6.0
Gnu Readline 4.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »