threatengine.sh
Product: gnu bash
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE | affected versions | CVSS score and severity (description on the following line)

CVE-2022-3715 | affected: >= 5.1 and < 5.1.8 | CVSS 7.8 HIGH
    A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to

CVE-2019-18276 | affected: <= 5.0 | CVSS 7.8 HIGH
    An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effe

CVE-2012-6711 | affected: >= 4.2 and <= 4.3 | CVSS 7.0 HIGH
    A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC

CVE-2019-9924 | affected: < 4.4 | CVSS 7.8 HIGH
    rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any comm

CVE-2016-0634 | affected: all versions | CVSS 7.5 HIGH
    The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metac

CVE-2017-5932 | affected: all versions | CVSS 7.8 HIGH
    The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double

CVE-2016-9401 | affected: < 4.4 | CVSS 5.5 MEDIUM
    popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.

CVE-2016-7543 | affected: <= 4.3 | CVSS 8.4 HIGH
    Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment va

CVE-2014-6278 | affected: all versions | CVSS 8.8 HIGH
    GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows

CVE-2014-7187 | affected: all versions | CVSS not listed
    Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a

CVE-2014-7186 | affected: all versions | CVSS not listed
    The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service

CVE-2014-6277 | affected: all versions | CVSS not listed
    GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows

CVE-2014-7169 | affected: <= 4.3 | CVSS 9.8 CRITICAL
    GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environme

CVE-2014-6271 | affected: <= 4.3 | CVSS 9.8 CRITICAL
    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows re

CVE-2012-3410 | affected: all versions | CVSS not listed
    Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restric

CVE-2010-0002 | affected: all versions | CVSS not listed
    The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-con

CVE-1999-0491 | affected: <= 2.04 | CVSS not listed
    The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the co

CVE-1999-1383 | affected: <= 1.14.6 | CVSS not listed
    (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacte
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin