Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-3028
git-big-picture prior to 1.0.0 mishandles ' characters in a branch name, leading to code execution.
Git-big-picture Project Git-big-picture
1 Github repository
7.5
CVSSv2
CVE-2020-4059
In mversion prior to 2.0.0, there is a command injection vulnerability. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This vulnerability is patched by version 2.0.0. Previous releases are deprecated in np...
Mversion Project Mversion
7.5
CVSSv2
CVE-2020-7630
git-add-remote up to and including 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument.
Git-add-remote Project Git-add-remote
7.5
CVSSv2
CVE-2020-7619
get-git-data up to and including 1.3.1 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to get-git-data.
Get-git-data Project Get-git-data
7.5
CVSSv2
CVE-2019-10803
push-dir up to and including 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an maliciou...
Push-dir Project Push-dir
7.5
CVSSv2
CVE-2020-8597
eap.c in pppd in ppp 2.4.2 up to and including 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Point-to-point Protocol Project Point-to-point Protocol
Wago Pfc Firmware
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
6 Github repositories
7.5
CVSSv2
CVE-2019-10776
In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions before 0.22.2.
Git-diff-apply Project Git-diff-apply
7.5
CVSSv2
CVE-2016-10128
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 prior to 0.24.6 and 0.25.x prior to 0.25.1 allows remote malicious users to have unspecified impact via a crafted non-flush packet.
Libgit2 Project Libgit2 0.25.0
Libgit2 Project Libgit2
7.5
CVSSv2
CVE-2015-0838
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich prior to 0.9.9 allows remote malicious users to execute arbitrary code via a crafted pack file.
Debian Debian Linux 7.0
Dulwich Project Dulwich
7.5
CVSSv2
CVE-2014-9706
The build_index_from_tree function in index.py in Dulwich prior to 0.9.9 allows remote malicious users to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
Debian Debian Linux 7.0
Dulwich Project Dulwich
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »