Skip to main content

Bash

10 CVEs product

Monthly

CVE-2019-18276 HIGH POC PATCH This Week

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Bash Hci Management Node Oncommand Unified Manager Solidfire +1
NVD GitHub
CVSS 3.1
7.8
EPSS
2.6%
CVE-2019-9924 HIGH This Week

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Bash Debian Linux Leap Hci Management Node +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-0634 HIGH PATCH This Week

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Bash
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2017-5932 HIGH PATCH This Week

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Bash
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-9401 MEDIUM This Month

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Authentication Bypass Use After Free Bash Debian Linux +6
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-7543 HIGH PATCH This Week

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bash Fedora
NVD VulDB
CVSS 3.0
8.4
EPSS
0.1%
CVE-2014-7187 CRITICAL POC THREAT Emergency

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.9%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
89.9%
Threat
6.2
CVE-2014-7186 CRITICAL POC THREAT Emergency

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.3%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
89.3%
Threat
6.2
CVE-2014-6277 CRITICAL POC THREAT Emergency

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.8%.

Command Injection Denial Of Service SSH RCE Apache +1
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
86.8%
Threat
6.1
CVE-2012-3410 MEDIUM PATCH This Month

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Buffer Overflow Bash
NVD
CVSS 2.0
4.6
EPSS
0.1%
EPSS 3% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Bash Hci Management Node +3
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Bash Debian Linux +4
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Bash
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Bash
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Authentication Bypass Use After Free +8
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bash Fedora
NVD VulDB
EPSS 90% 6.2 CVSS 10.0
CRITICAL POC THREAT Emergency

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.9%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
EPSS 89% 6.2 CVSS 10.0
CRITICAL POC THREAT Emergency

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.3%.

Denial Of Service Buffer Overflow Bash
NVD Exploit-DB
EPSS 87% 6.1 CVSS 10.0
CRITICAL POC THREAT Emergency

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.8%.

Command Injection Denial Of Service SSH +3
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Buffer Overflow Bash
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy