Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2014-10070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as literal numbers. That...

7.8CVSS7.7AI score0.00496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - zsh before 5.0.7 allows evaluation of the initial values...

9.8CVSS7.7AI score0.03173EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 7 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - zsh: privilege escalation via environment variables CVE-2014-10070 Note that Nessus has not tested for this issue b...

7.8CVSS7.6AI score0.00496EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 6 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 - zsh before 5.0.7 allows evaluation...

9.8CVSS7.8AI score0.02744EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/03/17 12:0 a.m.53 views

SUSE SLES11 Security Update : zsh (SUSE-SU-2022:14910-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14910-1 advisory. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as...

9.8CVSS7.9AI score0.03173EPSS
Exploits0References37
OpenVAS
OpenVAS
added 2022/03/15 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2022:14910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.03173EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.03173EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1091)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.03173EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/04/27 12:0 a.m.32 views

openSUSE: Security Advisory for zsh (openSUSE-SU-2018:1093-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.2AI score0.03173EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.30 views

openSUSE Security Update : zsh (openSUSE-2018-399)

This update for zsh fixes the following issues : - CVE-2014-10070: environment variable injection could lead to local privilege escalation bnc1082885 - CVE-2014-10071: buffer overflow in exec.c could lead to denial of service. bnc1082977 - CVE-2014-10072: buffer overflow In utils.c when scanning...

9.8CVSS7.1AI score0.03173EPSS
Exploits0References19
OpenVAS
OpenVAS
added 2018/03/26 12:0 a.m.31 views

Debian: Security Advisory (DLA-1304-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.03173EPSS
Exploits0References2
OSV
OSV
added 2018/02/27 10:29 p.m.6 views

CVE-2014-10070

zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as literal numbers. That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation...

7.8CVSS9.3AI score
Exploits0References4
CVE
CVE
added 2018/02/27 10:0 p.m.80 views

CVE-2014-10070

Mode C: CVE-2014-10070 affects zsh prior to 5.0.7, where environment-imported initial values of integer variables may be evaluated instead of literals when zsh is invoked in privilege-elevation contexts with unsanitized env (e.g., sudo with env_reset disabled). This can enable local privilege esc...

7.8CVSS7AI score0.00496EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2018/02/27 12:0 a.m.26 views

CVE-2014-10070

zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as literal numbers. That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation...

7.8CVSS7.1AI score0.00496EPSS
Exploits0References4
Rows per page
Query Builder