Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git 1.6.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-24440
The package cocoapods-downloader prior to 1.6.0, from 1.6.2 and prior to 1.6.3 are vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocess_options function and using git, both the git and branch parameters are passed to the git ls-r...
Cocoapods Cocoapods-downloader 1.6.2
Cocoapods Cocoapods-downloader
7.5
CVSSv3
CVE-2019-13915
b3log Wide prior to 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink i...
B3log Wide
7.5
CVSSv3
CVE-2017-1000092
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciou...
Jenkins Git 3.3.1
Jenkins Git 0.1.0
Jenkins Git 0.2.0
Jenkins Git 0.3.0
Jenkins Git 0.4.0
Jenkins Git 0.5.0
Jenkins Git 0.6.0
Jenkins Git 0.7.0
Jenkins Git 0.7.1
Jenkins Git 0.7.2
Jenkins Git 0.7.3
Jenkins Git 0.8.0
Jenkins Git 0.8.1
Jenkins Git 0.8.2
Jenkins Git 0.9.0
Jenkins Git 0.9.1
Jenkins Git 0.9.2
Jenkins Git 1.0.0
Jenkins Git 1.0.1
Jenkins Git 1.1.0
Jenkins Git 1.1.1
Jenkins Git 1.1.2
7.3
CVSSv3
CVE-2019-10086
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an malicious user to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of th...
Apache Commons Beanutils
Apache Nifi 1.14.0
Apache Nifi 1.15.0
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Jboss Enterprise Application Platform 7.2.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Fusion Middleware 11.1.1.9
NA
CVE-2010-3906
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Git Git 1.5.5.6
Git Git 1.5.6.6
Git Git 1.0.3
Git Git 1.5.4
Git Git 1.5.0.7
Git Git 0.99.9m
Git Git 1.5.5
Git Git 1.5.6.5
Git Git 1.0.0b
Git Git 1.5.0
Git Git 1.1.3
Git Git 0.99.9k
Git Git 1.5.0.3
Git Git 1.4.3
Git Git 1.0.4
Git Git 1.1.2
Git Git 1.5.2.5
Git Git 1.5.1.4
Git Git 1.7.2.2
Git Git 1.5.3.1
Git Git 1.6.3
Git Git 1.6.2.4
1 EDB exploit
NA
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
NA
CVE-2009-2108
git-daemon in git 1.4.4.5 up to and including 1.6.3 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.
Git Git 1.5.5.6
Git Git 1.5.6.6
Git Git 1.5.4
Git Git 1.5.0.7
Git Git 1.5.5
Git Git 1.5.6.5
Git Git 1.5.0
Git Git 1.5.0.3
Git Git 1.5.2.5
Git Git 1.5.1.4
Git Git 1.6.3
Git Git 1.6.2.4
Git Git 1.5.4.1
Git Git 1.5.6.3
Git Git 1.5.6.4
Git Git 1.6.0.3
Git Git 1.6.1
Git Git 1.6.0.2
Git Git 1.5.4.7
Git Git 1.5.1.3
Git Git 1.5.5.4
Git Git 1.6.2
1 EDB exploit
NA
CVE-2008-5916
gitweb/gitweb.perl in gitweb in Git 1.6.x prior to 1.6.0.6, 1.5.6.x prior to 1.5.6.6, 1.5.5.x prior to 1.5.5.6, 1.5.4.x prior to 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration varia...
Git Git 1.5.4
Git Git 1.5.0.7
Git Git 1.5.5
Git Git 1.5.6.5
Git Git 1.5.0
Git Git 1.5.0.3
Git Git 1.5.2.5
Git Git 1.5.1.4
Git Git 1.5.3.1
Git Git 1.5.4.1
Git Git 1.5.6.3
Git Git 1.5.6.4
Git Git 1.6.0.3
Git Git 1.6.0.2
Git Git 1.5.3.3
Git Git 1.5.1.3
Git Git 1.5.5.4
Git Git 1.4.4.1
Git Git 1.5.3
Git Git 1.5.2.3
Git Git 1.5.3.8
Git Git 1.5.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started