Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-9146
Jamf Self Service 10.9.0 allows man-in-the-middle malicious users to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream.
Jamf Self Service 10.9.0
NA
CVE-1999-1048
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local malicious users to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into t...
Redhat Linux 4.2
Debian Debian Linux 1.3.1
7.2
CVSSv3
CVE-2023-23777
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged malicious user to execute arbitrary bash commands ...
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
7.8
CVSSv3
CVE-2013-6876
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and previous versions allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: this vulnerability was fixed with commit ad732f0...
S3dvt Project S3dvt
8.8
CVSSv3
CVE-2014-5287
A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and previous versions due to a failure to sanitize input in the Web User Interface (WUI).
Kemptechnologies Loadmaster
1 EDB exploit
NA
CVE-2004-1051
sudo prior to 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5
Mandrakesoft Mandrake Multi Network Firewall 8.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
NA
CVE-2005-2708
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process...
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.24
Linux Linux Kernel 2.4.24 Ow1
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.4.30
Linux Linux Kernel 2.4.31
Linux Linux Kernel 2.4.6
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.22
Linux Linux Kernel 2.4.23
Linux Linux Kernel 2.4.29
Linux Linux Kernel 2.4.3
Linux Linux Kernel 2.4.32
Linux Linux Kernel 2.4.14
7.2
CVSSv3
CVE-2020-5873
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute...
F5 Big-ip Access Policy Manager
F5 Big-iq Centralized Management
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
7.5
CVSSv3
CVE-2019-14706
A denial of service issue in HTTPD exists on MicroDigital N-series cameras with firmware up to and including 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will no...
Microdigital Mdc-n4090 Firmware
Microdigital Mdc-n4090w Firmware
Microdigital Mdc-n2190v Firmware
9.8
CVSSv3
CVE-2020-11920
An issue exists in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitr...
Svakom Siime Eye Firmware 14.1.00000001.3.330.0.0.3.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »