Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-25900
All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.
Git-clone Project Git-clone
10
CVSSv2
CVE-2022-1440
Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface before 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for...
Git-interface Project Git-interface
10
CVSSv2
CVE-2020-27955
Git LFS 2.12.0 allows Remote Code Execution.
Git Large File Storage Project Git Large File Storage 2.12.0
21 Github repositories
10
CVSSv2
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter.
Git-dummy-commit Project Git-dummy-commit 1.3.0
10
CVSSv2
CVE-2015-0850
The Git plugin for FusionForge prior to 6.0rc4 allows remote malicious users to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.
Fusionforge Fusionforge
10
CVSSv2
CVE-2013-4730
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote malicious users to execute arbitrary code via a long string in a USER command.
Pcman\\'s Ftp Server Project Pcman\\'s Ftp Server 2.0.7
11 EDB exploits
2 Github repositories
9.3
CVSSv2
CVE-2021-34081
OS Command Injection vulnerability in bbultman gitsome up to and including 0.2.3 allows malicious users to execute arbitrary commands via a crafted tag name of the target git repository.
Gitsome Project Gitsome
9
CVSSv2
CVE-2017-12148
A flaw was found in Ansible Tower's interface prior to 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository...
Redhat Ansible Tower
Redhat Cloudforms 4.5
7.5
CVSSv2
CVE-2022-24376
All versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior [vulnerability](https://security.snyk.io/vuln/SNYK-JS-GITPROMISE-567476) in this package. **Note:** Please note that the vulnerability will not be fixed. The README file...
Git-promise Project Git-promise
7.5
CVSSv2
CVE-2022-24437
The package git-pull-or-clone prior to 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of the secure child process API spawn(). However, the outpath parameter passed to...
Git-pull-or-clone Project Git-pull-or-clone
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »