Every CVE whose affected-product data names Pizzashack Rssh, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2019-3464 — CVSS 9.8 (critical): Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that…
CVE-2019-3463 — CVSS 9.8 (critical): Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict…
CVE-2004-1628 — CVSS 9.0 (critical): Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.
CVE-2019-1000018 — CVSS 7.8 (high): rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in…
CVE-2012-2251 — CVSS 4.4 (medium): rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted…
CVE-2012-2252 — CVSS 4.4 (medium): Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended…
CVE-2012-3478 — CVSS 2.1 (low): rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line.