CVSS: 10.0EPSS: 90%CPEs: 345EXPL: 20CVE-2014-7169 – GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-7169
25 Sep 2014 — GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a ... • https://www.exploit-db.com/exploits/34777 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-228: Improper Handling of Syntactically Invalid Structure •
CVSS: 10.0EPSS: 97%CPEs: 345EXPL: 106CVE-2014-6271 – GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-6271
24 Sep 2014 — GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." N... • https://github.com/darrenmartyn/visualdoor • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2306
https://notcve.org/view.php?id=CVE-2011-2306
18 Oct 2011 — Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated." Vulnerabilidad no especificada en Oracle Linux v4 y v5 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con "Oracle validado". • http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html •
CVSS: 9.8EPSS: 1%CPEs: 117EXPL: 0CVE-2008-5516 – gitWeb 1.x Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-5516
20 Jan 2009 — The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search. La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.5, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados con git_search. gitWeb version 1.x suffers from a remote command execution vulnerability. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4832
https://notcve.org/view.php?id=CVE-2008-4832
17 Nov 2008 — rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. rc.sysinit en el paquete initscripts en sus versiones 8.12-8.21 y 8.56.15-0.1 de rPath permite a usuarios locales borrar archivos arbi... • http://secunia.com/advisories/32710 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5079 – gdm with xdmcp ignoring tcp_wrappers on x86_64
https://notcve.org/view.php?id=CVE-2007-5079
25 Sep 2007 — Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions. Red Hat Enterprise Linux 4 no compila apropiadamente y enlaza gdm con tcp_wrappers en plataformas x86_64, lo cual podría permitir a atacantes remotos evitar restricciones de acceso intencionadas. • http://www.redhat.com/support/errata/RHSA-2010-0657.html •
CVSS: 7.5EPSS: 1%CPEs: 65EXPL: 0CVE-2007-4137 – QT off by one buffer overflow
https://notcve.org/view.php?id=CVE-2007-4137
18 Sep 2007 — Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. Error de superación de límite (off-by-one) en la función QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegación de ... • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2007-3379
https://notcve.org/view.php?id=CVE-2007-3379
17 Sep 2007 — Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command. Vulnerabilidad no especificada en el kernel en Red Hat Enterprise Linux (RHEL) 4 sobre la plataforma x86_64 permite a usuarios locales provocar denegación de servicio (OOPS) a través de vectores no especificados relacionados con la función get_gate_vma y el comando fuser. • http://rhn.redhat.com/errata/RHBA-2007-0304.html •
CVSS: 6.6EPSS: 0%CPEs: 7EXPL: 0CVE-2007-3531
https://notcve.org/view.php?id=CVE-2007-3531
25 Jul 2007 — The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file. La función set_default_speeds en backend/backend.c en NVidia NVClock before 0.8b2 permite a usuarios locales sobrescribir archivos de su elección a través de un ataque de enlace simbólico sobre el archivo temporal /tmp/nvclock. • http://bugs.gentoo.org/show_bug.cgi?id=184071 •
CVSS: 9.8EPSS: 9%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
05 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •