Lucene search
K

38 matches found

OSV
OSV
added 2025/10/24 5:16 p.m.6 views

CLSA-2025-1761326171 Fix CVE(s): CVE-2019-18276

SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276...

7.8CVSS7.1AI score0.02608EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2019-18276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real...

7.8CVSS6.9AI score0.02608EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 7 : bash (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 - A...

7.8CVSS8.8AI score0.02608EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.12 views

RHEL 5 : bash (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution CVE-2016-7543 - bash: when...

7.6AI score0.02608EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 6 : bash (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: BASHCMD is writable in restricted bash shells CVE-2019-9924 - bash: a heap-buffer-overflow in...

8.5AI score0.02608EPSS
Exploits6References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/09 8:27 p.m.62 views

Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.

Summary There were multiple Security Vulnerabilities that were reported against IBM Security Verify Access. These have been addressed in IBM Security Verify Access 10.0.7.0 Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based...

9.8CVSS10AI score0.99615EPSS
Exploits23Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:2 p.m.45 views

K86221000: Bash vulnerability CVE-2019-18276

Security Advisory Description An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly...

7.8CVSS7.1AI score0.02608EPSS
Exploits5Affected Software1
Cloud Foundry
Cloud Foundry
added 2022/05/23 12:0 a.m.33 views

USN-5380-1: Bash vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update...

7.8CVSS7.9AI score0.02608EPSS
Exploits5Affected Software3
CloudLinux
CloudLinux
added 2022/04/25 6:6 p.m.72 views

Fix of CVE: CVE-2019-18276

CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...

7.8CVSS2.6AI score0.02608EPSS
Exploits5References1
CloudLinux
CloudLinux
added 2022/04/25 5:48 p.m.36 views

Fix of CVE: CVE-2019-18276

CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...

7.2CVSS2.6AI score0.02608EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2022/04/20 12:0 a.m.58 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Bash vulnerability (USN-5380-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5380-1 advisory. It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use th...

7.8CVSS7AI score0.02608EPSS
Exploits5References2
Rosalinux
Rosalinux
added 2021/07/02 4:30 p.m.50 views

Advisory ROSA-SA-2021-1802

Software: bash 4.2.46 OS: Cobalt 7.9 CVE-ID: CVE-2012-6711 CVE-Crit: HIGH CVE-DESC: A heap-based buffer overflow exists in GNU Bash before 4.3, when broad characters not supported by the current language standard set in the LCCTYPE environment variable are printed using the built-in echo function...

7.8CVSS7.5AI score0.02608EPSS
Exploits5
OSV
OSV
added 2021/06/28 9:16 p.m.11 views

MGASA-2021-0288 Updated bash packages fix a security vulnerability

A privilege escalation vulnerability was found in bash in the way it dropped privileges when started with an effective user id not equal to the real user id. Bash may be vulnerable to this flaw if the setuid permission is set and the owner of the bash program itself is a non-root user. A local...

7.8CVSS8.2AI score0.02608EPSS
Exploits5References3
Mageia
Mageia
added 2021/06/28 9:16 p.m.40 views

Updated bash packages fix a security vulnerability

A privilege escalation vulnerability was found in bash in the way it dropped privileges when started with an effective user id not equal to the real user id. Bash may be vulnerable to this flaw if the setuid permission is set and the owner of the bash program itself is a non-root user. A local...

7.8CVSS2AI score0.02608EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.42 views

Oracle Linux 8 : bash (ELSA-2021-1679)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1679 advisory. 4.4.19-14 - Fix hang when limit for nproc is very high Resolves: 1890888 4.4.19-13 - Correctly drop saved UID when effective UID is not equal to its real UID...

7.8CVSS6.8AI score0.02608EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.42 views

CentOS 8 : bash (CESA-2021:1679)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1679 advisory. - bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 Note that Nessus has not tested for this issue but has inste...

7.8CVSS6.8AI score0.02608EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2021/05/18 1:25 p.m.60 views

Low: Red Hat Security Advisory: bash security and bug fix update

An update for bash is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS6.8AI score0.02608EPSS
Exploits5References4
CBLMariner
CBLMariner
added 2020/11/30 7:30 p.m.37 views

CVE-2019-18276 affecting package bash 4.4.23-1

CVE-2019-18276 affecting package bash 4.4.23-1. A patched version of the package is available...

7.8CVSS9.8AI score0.02608EPSS
Exploits5
OpenVAS
OpenVAS
added 2020/11/04 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2020-2328)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.02608EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2020/11/03 12:0 a.m.28 views

EulerOS 2.0 SP2 : bash (EulerOS-SA-2020-2328)

According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to...

7.8CVSS7.1AI score0.02608EPSS
Exploits5References2
Rows per page
Query Builder