Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-1999-0491
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
Gnu Bash 1.14.3
Gnu Bash 2.05
Gnu Bash 1.14.1
Gnu Bash 2.01
Gnu Bash 2.0
Gnu Bash 2.01.1
Gnu Bash 1.14.7
Gnu Bash 1.14.6
Gnu Bash 1.14.2
Gnu Bash 1.14.4
Gnu Bash 2.02.1
Gnu Bash 1.14.5
Gnu Bash 1.14.0
Gnu Bash 2.02
Gnu Bash
Gnu Bash 2.03
1 EDB exploit
4.6
CVSSv2
CVE-1999-1048
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local malicious users to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into t...
Redhat Linux 4.2
Debian Debian Linux 1.3.1
4.6
CVSSv2
CVE-1999-0234
Bash treats any character with a value of 255 as a command separator.
Yggdrasil Linux
Sgi Irix
Caldera Openlinux
Redhat Linux 3.0.3
Suse Suse Linux 4.2
4.6
CVSSv2
CVE-1999-1383
(1) bash prior to 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in...
Gnu Bash 1.14.1
Gnu Bash 1.14.2
Tcsh Tcsh 6.05
Gnu Bash 1.14.0
Gnu Bash 1.14.5
Gnu Bash
Gnu Bash 1.14.3
Gnu Bash 1.14.4
4
CVSSv2
CVE-2022-26340
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privilege...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
2.1
CVSSv2
CVE-2010-0002
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a craft...
Gnu Bash 3.2
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 2.05
Gnu Bash 3.0
1 EDB exploit
2.1
CVSSv2
CVE-2005-2708
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process...
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.24
Linux Linux Kernel 2.4.24 Ow1
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.4.30
Linux Linux Kernel 2.4.31
Linux Linux Kernel 2.4.6
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.22
Linux Linux Kernel 2.4.23
Linux Linux Kernel 2.4.29
Linux Linux Kernel 2.4.3
Linux Linux Kernel 2.4.32
Linux Linux Kernel 2.4.14
1.9
CVSSv2
CVE-2022-24725
Shescape is a shell escape package for JavaScript. An issue in versions 1.4.0 to 1.5.1 allows for exposure of the home directory on Unix systems when using Bash with the `escape` or `escapeAll` functions from the _shescape_ API with the `interpolation` option set to `true`. Other...
Shescape Project Shescape
1.9
CVSSv2
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
47 Github repositories
9 Articles
1.9
CVSSv2
CVE-2016-5480
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
Oracle Solaris 10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »