Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git 1.2.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-5516
The web interface in git (gitweb) 1.5.x prior to 1.5.5 allows remote malicious users to execute arbitrary commands via shell metacharacters related to git_search.
Git Git 0.99.9j
Git Git 0.99.9k
Git Git 0.99.9l
Git Git 0.99.9m
Git Git 0.99.9n
Git Git 1.0.0
Git Git 1.0.0b
Git Git 1.0.3
Git Git 1.0.4
Git Git 1.0.5
Git Git 1.0.6
Git Git 1.0.7
Git Git 1.0.8
Git Git 1.1.1
Git Git 1.1.2
Git Git 1.1.3
Git Git 1.1.4
Git Git 1.1.5
Git Git 1.1.6
Git Git 1.2.0
Git Git 1.2.1
Git Git 1.2.2
435
VMScore
CVE-2010-3906
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Git Git 1.4.2.4
Git Git 1.4.2
Git Git 1.1.3
Git Git 1.3.2
Git Git 1.0.7
Git Git 1.1.5
Git Git 1.0.3
Git Git 1.2.2
Git-scm Git 0.04
Git-scm Git 0.7.0
Git Git 1.5.2.1
Git Git 1.5.1.5
Git Git 1.4.2.2
Git Git 1.4.2.3
Git Git 1.1.4
Git Git 1.3.1
Git Git 1.1.0
Git Git 1.4.1.1
Git Git 1.0.6
Git Git 1.1.6
Git Git 1.2.3
Git-scm Git 0.5
1 EDB exploit
231
VMScore
CVE-2017-1000092
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciou...
Jenkins Git 0.9.0
Jenkins Git 0.9.1
Jenkins Git 0.9.2
Jenkins Git 1.0.0
Jenkins Git 1.1.11
Jenkins Git 1.1.12
Jenkins Git 1.1.13
Jenkins Git 1.1.14
Jenkins Git 1.1.28
Jenkins Git 1.1.29
Jenkins Git 1.2.0
Jenkins Git 1.3.0
Jenkins Git 2.2.0
Jenkins Git 2.2.1
Jenkins Git 2.2.2
Jenkins Git 2.2.3
Jenkins Git 2.3.0
Jenkins Git 2.3.1
Jenkins Git 2.3.2
Jenkins Git 2.3.3
Jenkins Git 2.5.0
Jenkins Git 2.5.1
NA
CVE-2022-36070
Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. `git config`. These commands are being executed using the executable’s name and not its absolute path. This can lead to the execution of...
Python-poetry Poetry
Python-poetry Poetry 1.2.0
NA
CVE-2022-36069
Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as `git clone`. These commands are constructed using user input (e.g. the repository URL). When building the commands, P...
Python-poetry Poetry
Python-poetry Poetry 1.2.0
570
VMScore
CVE-2016-1182
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 does not properly restrict the Validator configuration, which allows remote malicious users to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-20...
Apache Struts 1.0
Apache Struts 1.1
Apache Struts 1.2.5
Apache Struts 1.2.6
Apache Struts 1.3.9
Apache Struts 1.3.10
Apache Struts 1.0.2
Apache Struts 1.2.1
Apache Struts 1.2.2
Apache Struts 1.2.9
Apache Struts 1.3.5
Apache Struts 1.2.3
Apache Struts 1.2.4
Apache Struts 1.3.7
Apache Struts 1.3.8
Apache Struts 1.3.6
Apache Struts 1.0.1
Apache Struts 1.2.0
Apache Struts 1.2.7
Apache Struts 1.2.8
1 Github repository
605
VMScore
CVE-2016-1181
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote malicious users to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related...
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Portal 11.1.1.6
Oracle Banking Platform 2.3.0
Oracle Banking Platform 2.4.0
Apache Struts 1.0
Apache Struts 1.1
Apache Struts 1.2.3
Apache Struts 1.2.4
Apache Struts 1.2.5
Apache Struts 1.3.7
Apache Struts 1.3.8
Apache Struts 1.0.2
Apache Struts 1.2.1
Apache Struts 1.2.2
Apache Struts 1.3.5
Apache Struts 1.3.6
Apache Struts 1.2.6
Apache Struts 1.2.7
Apache Struts 1.3.9
Apache Struts 1.3.10
Apache Struts 1.0.1
1 Github repository
NA
CVE-2023-50726
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. "Local sync" is an Argo CD feature that allows developers to temporarily override an Application's manifests with locally-defined manifests. Use of the feature should generally be limited to ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started