CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2024
https://notcve.org/view.php?id=CVE-2013-2024
OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0. Una vulnerabilidad de inyección de comandos de Sistema Operativo en el procedimiento "qs" del módulo "utils" en Chicken versiones anteriores a 4.9.0. • http://www.openwall.com/lists/oss-security/2013/04/29/13 http://www.securityfocus.com/bid/59320 https://access.redhat.com/security/cve/cve-2013-2024 https://exchange.xforce.ibmcloud.com/vulnerabilities/85064 https://lists.nongnu.org/archive/html/chicken-announce/2013-04/msg00000.html https://security-tracker.debian.org/tracker/CVE-2013-2024 https://security.gentoo.org/glsa/201612-54 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-4556
https://notcve.org/view.php?id=CVE-2015-4556
The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service (crash). El procedimiento string-translate* en la unidad de estructuras de datos CHICKEN en versiones anteriores a 4.10.0 permite a atacantes remotos provocar una denegación de servicio (caída). • http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html http://seclists.org/oss-sec/2015/q2/712 http://www.securityfocus.com/bid/97293 https://bugzilla.redhat.com/show_bug.cgi?id=1231871 https://security.gentoo.org/glsa/201612-54 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9651
https://notcve.org/view.php?id=CVE-2014-9651
Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index[-ci] procedures." Vulnerabilidad de desbordamiento de Buffer en CHICKEN 4.9.0.x en versiones anteriores a 4.9.0.2, 4.9.x en versiones anteriores a 4.9.1 y en versiones anteriores a 5.0, permite a atacantes tener un impacto no especificado a través de un argumento START positivo a 'substring-index[-ci] procedures'. • http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/msg00000.html http://lists.nongnu.org/archive/html/chicken-users/2015-01/msg00048.html http://www.securityfocus.com/bid/72011 https://security.gentoo.org/glsa/201612-54 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.4EPSS: 0%CPEs: 13EXPL: 0CVE-2013-1874
https://notcve.org/view.php?id=CVE-2013-1874
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en csi en Chicken anterior a 4.8.2 permite a usuarios locales ejecutar código arbitrario a través de un .csirc de caballo de troya en el directorio de trabajos actual. • http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba=blob%3Bf=NEWS%3Bh=c21c7cf9d1faf4f78736890ac7ca1d4b82d72ddd%3Bhb=c6750af99ada7fa4815ee834e4e705bcfac9c137 http://seclists.org/oss-sec/2013/q1/692 http://www.osvdb.org/91520 http://www.securityfocus.com/bid/58583 https://exchange.xforce.ibmcloud.com/vulnerabilities/85065 •
CVSS: 7.5EPSS: 7%CPEs: 2EXPL: 0CVE-2014-3776
https://notcve.org/view.php?id=CVE-2014-3776
Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument. Desbordamiento de buffer en el procedimiento 'read-u8vector!' en la unidad srfi-4 en CHICKEN Stable 4.8.0.7 y Development Snapshots anterior a 4.9.1 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) y posiblemente ejecutar código arbitrario a través de un valor '#f' en el argumento NUM. • http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git%3Ba=commit%3Bh=1d06ce7e21c7e903ca5dca11fda6fcf2cc52de5e http://lists.gnu.org/archive/html/chicken-announce/2014-05/msg00001.html http://lists.gnu.org/archive/html/chicken-hackers/2014-05/msg00032.html http://seclists.org/oss-sec/2014/q2/328 http://seclists.org/oss-sec/2014/q2/334 http://www.securityfocus.com/bid/67468 https://bugs.call-cc.org/ticket/1124 https://security.gentoo.org/glsa/201612-54 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •