Lucene search
K

4 matches found

CVE
CVE
added 2017/01/23 9:0 p.m.262 views

CVE-2016-9401

CVE-2016-9401 relates to the Bash shell. The vulnerability is in the popd builtin, which may segfault/use‑after‑free a process when called with crafted/negative offsets, potentially enabling local disruption or bypassing restricted shells. The issue is fixed in multiple downstream advisories; rem...

6.2CVSS5.3AI score0.00421EPSS
CVE
CVE
added 2017/01/19 8:0 p.m.232 views

CVE-2016-7543

Summary: CVE-2016-7543 affects Bash before 4.4. The root cause is a flaw in handling SHELLOPTS and PS4 environment variables that, when combined with insecure setuid binaries or crafted hosts, enables local privilege escalation to root. Several connected sources confirm this issue across multiple...

8.4CVSS7.1AI score0.00576EPSS
CVE
CVE
added 2017/08/28 3:0 p.m.196 views

CVE-2016-0634

CVE-2016-0634 concerns Bash 4.3 where expansion of '\h' in the prompt string can trigger arbitrary code execution when a hostname contains shell metacharacters. The vulnerability is triggered by a remote attacker with authenticated access (e.g., via DHCP-influenced hostname) and can result in arb...

7.5CVSS6.8AI score0.06019EPSS
CVE
CVE
added 2017/03/27 3:0 p.m.112 views

CVE-2017-5932

CVE-2017-5932 is a Bash local privilege escalation exploiting the path autocompletion feature. A crafted filename that begins with a double quote and includes a command substitution metacharacter can allow a local user to execute arbitrary code with elevated privileges. The vulnerability affects ...

7.8CVSS6.3AI score0.00425EPSS