PT-2026-4516

Name of the Vulnerable Software and Affected Versions LiteSpeed Web Server Enterprise version 5.4.11 Description LiteSpeed Web Server Enterprise version 5.4.11 has an issue where a user with administrative privileges can inject commands into the system. This occurs through the 'Command' parameter...

MiracleLinux 8 : bash-4.4.19-14.el8 (AXSA:2021-1784:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1784:01 advisory. bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 Tenable has extracted the preceding description block...

MiracleLinux 9 : bash-5.1.8-6.el9 (AXSA:2023-4862:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4862:01 advisory. bash: a heap-buffer-overflow in validparametertransform CVE-2022-3715 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : bash-4.1.2-15.AXS4.1 (AXSA:2014-549:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-549:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...

MiracleLinux 7 : bash-4.2.46-34.el7 (AXSA:2020-4537:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4537:01 advisory. bash: BASHCMD is writable in restricted bash shells CVE-2019-9924 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 4 : bash-4.1.2-48.AXS4 (AXSA:2017-1370:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1370:02 advisory. The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...

MiracleLinux 4 : bash-4.1.2-15.AXS4.2 (AXSA:2014-554:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-554:02 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporat...

MiracleLinux 7 : bash-4.2.46-28.el7 (AXSA:2017-1762:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1762:01 advisory. The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...

MiracleLinux 3 : bash-3.2-33.AXS3.4 (AXSA:2014-553:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-553:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporat...

MiracleLinux 3 : bash-3.2-33.AXS3.1 (AXSA:2014-548:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-548:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...

MiracleLinux 3 : bash-3.2-32.AXS3 (AXSA:2011-274:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-274:01 advisory. The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from...

CVE-2009-4011

dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console...

CVE-2010-0002

The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LSOPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename...

CVE-2021-28497

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

CVE-1999-0234

Bash treats any character with a value of 255 as a command separator...

CVE-1999-0491

The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute...

Command Injection through bash -c

This report is not public...

OPENSUSE-SU-2025:20130-1 Security update for bash-git-prompt

This update for bash-git-prompt fixes the following issues: - CVE-2025-61659: Fixed an issue where predictable files in /tmp were used for a copy of the git index bsc1247489...

Exploit for Deserialization of Untrusted Data in Facebook React

🎯 CVE-2025-55182-advanced-scanner- - Detect and Exploit Vulner...

CVE-2024-58294

FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to...