Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-16202
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Cofeescript Project Cofeescript 0.0.1
5
CVSSv2
CVE-2017-16203
The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Coffescript Project Coffescript 1.0.1
5
CVSSv2
CVE-2017-16204
The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Jquey Project Jquey 1.0.1
5
CVSSv2
CVE-2017-16205
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Coffescript Project Coffescript 1.0.1
5
CVSSv2
CVE-2017-16206
The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
Coffescript Project Coffescript 1.0.1
4.7
CVSSv2
CVE-2018-3640
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var...
Intel Pentium J J4205
Intel Celeron N N3450
Intel Atom Z Z2560
Intel Atom Z Z2580
Intel Atom Z Z3590
Intel Atom Z Z3735d
Intel Atom Z Z3740d
Intel Atom Z Z3745
Intel Atom Z Z3795
Intel Atom Z Z2420
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3830
Intel Atom C C3850
Intel Xeon Silver 4110
Intel Xeon Silver 4112
Intel Xeon Platinum 8160
Intel Xeon Platinum 8160f
Intel Xeon Platinum 8176
Intel Xeon Platinum 8176f
Intel Xeon Gold 85120
Intel Pentium Silver J5005
3 Github repositories
4 Articles
7.2
CVSSv2
CVE-2014-1226
The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876.
S3dvt Project S3dvt
7.2
CVSSv2
CVE-2013-6876
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and previous versions allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: this vulnerability was fixed with commit ad732f0...
S3dvt Project S3dvt
7.2
CVSSv2
CVE-2018-7738
In util-linux prior to 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount...
Kernel Util-linux
7.5
CVSSv2
CVE-2018-7739
antsle antman prior to 0.9.1a allows remote malicious users to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web...
Antsle Antman
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »