Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2022-25328
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a m...
Google Fscrypt
7.2
CVSSv3
CVE-2023-43744
An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions before 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application fun...
Zultys Mx-se Firmware
Zultys Mx-se Ii Firmware
Zultys Mx-e Firmware
Zultys Mx-virtual Firmware
Zultys Mx250 Firmware
Zultys Mx30 Firmware
7.2
CVSSv3
CVE-2023-23777
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged malicious user to execute arbitrary bash commands ...
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
7.2
CVSSv3
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
7.2
CVSSv3
CVE-2020-5873
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute...
F5 Big-ip Access Policy Manager
F5 Big-iq Centralized Management
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
7.2
CVSSv3
CVE-2019-19041
An issue exists in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be ex...
Xorur Lpar2rrd 6.11
Xorur Stor2rrd 2.61
1 Github repository
7.2
CVSSv3
CVE-2019-16103
Silver Peak EdgeConnect SD-WAN prior to 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature.
Silver-peak Unity Edgeconnect Sd-wan Firmware 8.1.4.9 65644
6.8
CVSSv3
CVE-2020-27542
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads configuration from QR code (including network settings). The static IP configuration from QR code is copied to the file /config/ip-static and after reboot data from this file is inserted into b...
Company Cs-c2shw Firmware 5.0.082.1
6.7
CVSSv3
CVE-2019-1730
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local malicious user to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Sh...
Cisco Nx-os
5.6
CVSSv3
CVE-2018-3640
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var...
Intel Pentium J J4205
Intel Celeron N N3450
Intel Atom Z Z2560
Intel Atom Z Z2580
Intel Atom Z Z3590
Intel Atom Z Z3735d
Intel Atom Z Z3740d
Intel Atom Z Z3745
Intel Atom Z Z3795
Intel Atom Z Z2420
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3830
Intel Atom C C3850
Intel Xeon Silver 4110
Intel Xeon Silver 4112
Intel Xeon Platinum 8160
Intel Xeon Platinum 8160f
Intel Xeon Platinum 8176
Intel Xeon Platinum 8176f
Intel Xeon Gold 85120
Intel Pentium Silver J5005
3 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »