| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-6271 | 10.0 |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman
|
24-07-2024 - 16:47 | 24-09-2014 - 18:48 | |
| CVE-2019-9924 | 7.2 |
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
|
05-04-2022 - 20:11 | 22-03-2019 - 08:29 | |
| CVE-2016-9401 | 2.1 |
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
|
14-09-2020 - 18:32 | 23-01-2017 - 21:59 | |
| CVE-2014-7187 | 10.0 |
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deepl
|
09-10-2018 - 19:52 | 28-09-2014 - 19:55 |