Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0234
Bash treats any character with a value of 255 as a command separator.
Yggdrasil Linux
Sgi Irix
Caldera Openlinux
Redhat Linux 3.0.3
Suse Suse Linux 4.2
NA
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) prior to 2.14 might allow remote malicious users to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.1
Nagios Remote Plug In Executor 1.7
Nagios Remote Plug In Executor
Nagios Remote Plug In Executor 1.4
Nagios Remote Plug In Executor 2.7
Nagios Remote Plug In Executor 2.0b5
Nagios Remote Plug In Executor 2.8b1
Nagios Remote Plug In Executor 2.8.1
Nagios Remote Plug In Executor 2.11
Nagios Remote Plug In Executor 2.9
Nagios Remote Plug In Executor 2.5.1
Nagios Remote Plug In Executor 2.4
Nagios Remote Plug In Executor 2.10
Nagios Remote Plug In Executor 2.0
Nagios Remote Plug In Executor 1.9
Nagios Remote Plug In Executor 2.0b1
Nagios Remote Plug In Executor 2.0b2
Nagios Remote Plug In Executor 2.5.2
Nagios Remote Plug In Executor 1.8
Nagios Remote Plug In Executor 2.3
1 EDB exploit
8.8
CVSSv3
CVE-2022-44794
An issue exists in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote malicious user to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary d...
Objectfirst Object First
9.8
CVSSv3
CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with t...
Mozilla Firefox
2.8
CVSSv3
CVE-2016-5480
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
Oracle Solaris 10
8.8
CVSSv3
CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware prior to 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
Dell Idrac7 Firmware
Dell Idrac8 Firmware
7.5
CVSSv3
CVE-2017-16202
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Cofeescript Project Cofeescript 0.0.1
7.5
CVSSv3
CVE-2017-16204
The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Jquey Project Jquey 1.0.1
7.5
CVSSv3
CVE-2017-16205
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Coffescript Project Coffescript 1.0.1
7.5
CVSSv3
CVE-2017-16203
The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Coffescript Project Coffescript 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »