Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cgit project cgit vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-1901
Integer overflow in the authenticate_post function in CGit prior to 0.12 allows remote malicious users to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
Fedoraproject Fedora 22
Cgit Project Cgit
4.3
CVSSv2
CVE-2016-1899
CRLF injection vulnerability in the ui-blob handler in CGit prior to 0.12 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated...
Fedoraproject Fedora 22
Cgit Project Cgit
4.3
CVSSv2
CVE-2016-1900
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit prior to 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) at...
Fedoraproject Fedora 22
Cgit Project Cgit
5
CVSSv2
CVE-2018-14912
cgit_clone_objects in CGit prior to 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Cgit Project Cgit
Debian Debian Linux 9.0
Debian Debian Linux 8.0
1 EDB exploit
7.5
CVSSv2
CVE-2020-8597
eap.c in pppd in ppp 2.4.2 up to and including 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Point-to-point Protocol Project Point-to-point Protocol
Wago Pfc Firmware
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started