Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu ed vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2008-3916
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed prior to 1.0 allows context-dependent or user-assisted malicious users to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue on...
Gnu Ed 0.3
Gnu Ed 0.7
Gnu Ed 0.6
Gnu Ed 0.4
Gnu Ed 0.2
Gnu Ed 0.9
Gnu Ed 0.5
Gnu Ed 0.8
409
VMScore
CVE-2000-1137
GNU ed prior to 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
Gnu Ed 2.18
Gnu Ed 2.16tr
Gnu Ed 2.15
Gnu Ed 2.18.0
409
VMScore
CVE-2006-6939
GNU ed prior to 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
Gnu Ed
445
VMScore
CVE-2017-5357
regex.c in GNU ed prior to 1.14.1 allows malicious users to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
Fedoraproject Fedora 25
Gnu Ed
828
VMScore
CVE-2018-20969
do_ed_script in pch.c in GNU patch up to and including 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
Gnu Patch
1 Github repository
445
VMScore
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
383
VMScore
CVE-2016-10713
An issue exists in GNU patch prior to 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
Gnu Patch
516
VMScore
CVE-2019-13636
In GNU patch up to and including 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Gnu Patch
1 Github repository
828
VMScore
CVE-2019-13638
GNU patch up to and including 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is diff...
Gnu Patch 2.7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
828
VMScore
CVE-2015-1418
The do_ed_script function in pch.c in GNU patch up to and including 2.7.6, and patch in FreeBSD 10.1 prior to 10.1-RELEASE-p17, 10.2 prior to 10.2-BETA2-p3, 10.2-RC1 prior to 10.2-RC1-p2, and 0.2-RC2 prior to 10.2-RC2-p1, allows remote malicious users to execute arbitrary command...
Freebsd Freebsd 10.2
Freebsd Freebsd 10.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »