CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2014-6278link is external GNU Bash OS Command Injection Vulnerability CVE-2015-7755link is external Juniper ScreenOS Improper Authentication Vulnerability...

10CVSS7.7AI score0.94479EPSS

In wildExploits80References10

Snyk•added 2025/10/02 6:39 a.m.•1 views

Command Injection

Overview portage is a Portage is the package management and distribution system for Gentoo Affected versions of this package are vulnerable to Command Injection due to evaluating untrusted timestamp fields in a Bash arithmetic context via command substitution. The bin/emerge-webrsync functions...

9.3CVSS7.3AI score

Exploits0References3

Microsoft CVE•added 2025/10/02 6:11 a.m.•2 views

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.

...

7.8CVSS7AI score0.00039EPSS

Exploits1

CISA KEV Catalog•added 2025/10/02 12:0 a.m.•15 views

GNU Bash OS Command Injection Vulnerability

GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via a crafted environment...

10CVSS9AI score0.91694EPSS

In wildExploits31

SUSE CVE•added 2025/09/30 11:22 p.m.•1 views

SUSE CVE-2025-61659

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...

6.8CVSS7AI score0.00021EPSS

Exploits0References3

RedhatCVE•added 2025/09/30 12:45 a.m.•3 views

CVE-2025-61659

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...

6.8CVSS7AI score0.00021EPSS

Exploits0References1

NVD•added 2025/09/29 5:15 p.m.•1 views

CVE-2025-61659

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...

6.8CVSS0.00021EPSS

Exploits0References1

OSV•added 2025/09/29 5:15 p.m.•2 views

CVE-2025-61659

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...

6.8CVSS7AI score

Exploits0References1

Cvelist•added 2025/09/29 12:0 a.m.•5 views

CVE-2025-61659

bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...

6.8CVSS0.00021EPSS

Exploits0References1

CNNVD•added 2025/09/29 12:0 a.m.•1 views

Informative git prompt for bash and fish 安全漏洞

Informative git prompt for bash and fish is a bash prompt for Git users from the personal developer Martin Gondermann. A security vulnerability exists in Informative git prompt for bash and fish 2.7.1 and prior versions, which stems from a predictable filename in /tmp/git-index-private$$ that cou...

6.8CVSS6.6AI score0.00021EPSS

Exploits0References3

CVE•added 2025/09/29 12:0 a.m.•9 views

CVE-2025-61659

CVE-2025-61659 affects bash-git-prompt versions 2.6.1 through 2.7.1. The root cause is insecure handling of a temporary file in /tmp, using a filename with a predictable pattern (/tmp/git-index-private$$). This can enable unsafe operations due to filename predictability. OpenSUSE/SUSE advisories ...

6.8CVSS6.6AI score0.00021EPSS

Exploits0References1

Positive Technologies•added 2025/09/29 12:0 a.m.•2 views

PT-2025-39840

Name of the Vulnerable Software and Affected Versions bash-git-prompt versions 2.6.1 through 2.7.1 Description The software uses the /tmp/git-index-private$$ file in a manner that results in a predictable filename. Recommendations Update to a version later than 2.7.1...

6.8CVSS6.5AI score0.00021EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by