Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bash vulnerabilities and exploits
(subscribe to this query)
642
VMScore
CVE-2019-18276
An issue exists in disable_priv_mode in shell.c in GNU Bash up to and including 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Lin...
Gnu Bash
Gnu Bash 5.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager
Oracle Communications Cloud Native Core Policy 1.14.0
3 Github repositories
641
VMScore
CVE-2022-25328
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a m...
Google Fscrypt
641
VMScore
CVE-2021-23012
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.3, 14.1.x prior to 14.1.4, and 13.1.x prior to 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
641
VMScore
CVE-2019-1730
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local malicious user to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Sh...
Cisco Nx-os
641
VMScore
CVE-2019-1596
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local malicious user to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of...
Cisco Nx-os
641
VMScore
CVE-2019-1593
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local malicious user to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vul...
Cisco Nx-os
641
VMScore
CVE-2014-1226
The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876.
S3dvt Project S3dvt
641
VMScore
CVE-2013-6876
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and previous versions allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and previous versions. NOTE: this vulnerability was fixed with commit ad732f0...
S3dvt Project S3dvt
641
VMScore
CVE-2012-4075
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788.
Cisco Nx-os -
641
VMScore
CVE-2004-1051
sudo prior to 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5
Mandrakesoft Mandrake Multi Network Firewall 8.2
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »