Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2019-1593
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local malicious user to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vul...
Cisco Nx-os
7.2
CVSSv2
CVE-2013-6876
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and previous versions allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: this vulnerability was fixed with commit ad732f0...
S3dvt Project S3dvt
7.2
CVSSv2
CVE-2014-1226
The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876.
S3dvt Project S3dvt
7.2
CVSSv2
CVE-2018-7738
In util-linux prior to 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount...
Kernel Util-linux
7.2
CVSSv2
CVE-2012-4075
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788.
Cisco Nx-os -
7.2
CVSSv2
CVE-2005-1307
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled dir...
Adobe Version Cue Gold
Apple Mac Os X 10.3.6
1 EDB exploit
7.2
CVSSv2
CVE-2004-1051
sudo prior to 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5
Mandrakesoft Mandrake Multi Network Firewall 8.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
7.2
CVSSv2
CVE-2000-1134
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
Conectiva Linux 4.0
Conectiva Linux 4.0es
Immunix Immunix 6.2
Conectiva Linux 4.1
Conectiva Linux 4.2
Conectiva Linux 5.0
Conectiva Linux 5.1
Caldera Openlinux Eserver 2.3
Hp Hp-ux 11.11
Redhat Linux 6.0
Redhat Linux 6.1
Caldera Openlinux
Caldera Openlinux Edesktop 2.4
Mandrakesoft Mandrake Linux 7.2
Redhat Linux 5.2
Mandrakesoft Mandrake Linux 6.0
Mandrakesoft Mandrake Linux 6.1
Redhat Linux 6.2
Redhat Linux 6.2e
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Suse Suse Linux 7.0
2 EDB exploits
7.1
CVSSv2
CVE-2014-3369
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote malicious users to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252.
Cisco Expressway Software
Cisco Telepresence Video Communication Server Software
7.1
CVSSv2
CVE-2014-3370
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote malicious users to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447.
Cisco Telepresence Video Communication Server Software
Cisco Expressway Software
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »