CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

271 matches found

OSV•added 2018/02/13 12:0 a.m.•0 views

UBUNTU-CVE-2016-10713

An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead to DoS via a crafted input file...

5.5CVSS6.7AI score0.00526EPSS

Exploits0References4

OSV•added 2018/02/13 12:0 a.m.•0 views

UBUNTU-CVE-2018-6951

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuitdifftype function in pch.c, aka a "mangled rename" issue...

7.5CVSS6.7AI score0.46115EPSS

Exploits0References3

UbuntuCve•added 2018/02/13 12:0 a.m.•28 views

CVE-2018-6951

7.5CVSS6.8AI score0.46115EPSS

Exploits0References2

Prion•added 2018/02/05 4:29 p.m.•17 views

Code injection

The doedscript function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!'...

9.3CVSS7.8AI score0.04111EPSS

Exploits0References6Affected Software1

UbuntuCve•added 2018/02/05 4:29 p.m.•22 views

CVE-2015-1416

Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...

9.3CVSS7.2AI score0.00878EPSS

Exploits0References3

OSV•added 2018/02/05 4:29 p.m.•4 views

CVE-2015-1416

7.8CVSS7.6AI score

Exploits0References11

NVD•added 2018/02/05 4:29 p.m.•14 views

CVE-2015-1418

9.3CVSS7.7AI score0.04111EPSS

Exploits0References6

OSV•added 2018/02/05 4:29 p.m.•1 views

DEBIAN-CVE-2015-1416

7.8CVSS7.7AI score0.00878EPSS

Exploits0References1

CVE•added 2018/02/05 4:0 p.m.•98 views

CVE-2015-1418

CVE-2015-1418 affects GNU patch up to 2.7.6 and patch on FreeBSD 10.1–10.2, where the do_ed_script function in pch.c allows remote command execution via a crafted patch file, by passing a ‘!’ to the ed program. Impact is arbitrary command execution with the patch processing utility; details on re...

9.3CVSS7.7AI score0.04111EPSS

Exploits0References6Affected Software1

Cvelist•added 2018/02/05 4:0 p.m.•18 views

CVE-2015-1418

7.8AI score0.04111EPSS

Exploits0References6

Cvelist•added 2018/02/05 4:0 p.m.•15 views

CVE-2015-1416

8AI score0.00878EPSS

Exploits0References7

CVE•added 2018/02/05 4:0 p.m.•53 views

CVE-2015-1416

The CVE-2015-1416 issue affects the patch utilities used on FreeBSD and related systems. Specifically, the patch tool (patch(1)) in FreeBSD versions 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; as well as Bitrig, and GNU patch before 2.2.5, may execute...

9.3CVSS7.9AI score0.00878EPSS

Exploits0References7Affected Software1

Debian CVE•added 2018/02/05 4:0 p.m.•23 views

CVE-2015-1416

9.3CVSS7.8AI score0.00878EPSS

Exploits0

OSV•added 2017/08/25 6:29 p.m.•7 views

CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. dot dot in a diff file name...

7.5CVSS7.4AI score

Exploits0References20

Prion•added 2017/08/25 6:29 p.m.•24 views

Directory traversal

7.8CVSS7AI score0.04141EPSS

Exploits0References9Affected Software3

Prion•added 2017/08/25 6:29 p.m.•22 views

Design/Logic Flaw

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...

7.1CVSS6.8AI score0.00319EPSS

Exploits0References9Affected Software4

OSV•added 2017/08/25 6:29 p.m.•1 views