Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-25900
All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.
Git-clone Project Git-clone
10
CVSSv2
CVE-2022-1440
Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface before 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for...
Git-interface Project Git-interface
10
CVSSv2
CVE-2020-27955
Git LFS 2.12.0 allows Remote Code Execution.
Git Large File Storage Project Git Large File Storage 2.12.0
21 Github repositories
10
CVSSv2
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter.
Git-dummy-commit Project Git-dummy-commit 1.3.0
10
CVSSv2
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
148 Github repositories
15 Articles
10
CVSSv2
CVE-2015-0850
The Git plugin for FusionForge prior to 6.0rc4 allows remote malicious users to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.
Fusionforge Fusionforge
10
CVSSv2
CVE-2013-4730
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote malicious users to execute arbitrary code via a long string in a USER command.
Pcman\\'s Ftp Server Project Pcman\\'s Ftp Server 2.0.7
11 EDB exploits
2 Github repositories
9.3
CVSSv2
CVE-2021-34081
OS Command Injection vulnerability in bbultman gitsome up to and including 0.2.3 allows malicious users to execute arbitrary commands via a crafted tag name of the target git repository.
Gitsome Project Gitsome
9.3
CVSSv2
CVE-2009-0385
Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote malicious users to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.
Ffmpeg Ffmpeg
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 10
Fedoraproject Fedora 9
2 Github repositories
9
CVSSv2
CVE-2017-12148
A flaw was found in Ansible Tower's interface prior to 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository...
Redhat Ansible Tower
Redhat Cloudforms 4.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »