Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2021-34081
OS Command Injection vulnerability in bbultman gitsome up to and including 0.2.3 allows malicious users to execute arbitrary commands via a crafted tag name of the target git repository.
Gitsome Project Gitsome
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
9.3
CVSSv2
CVE-2021-43809
`Bundler` is a package for managing application dependencies in Ruby. In `bundler` versions prior to 2.2.33, when working with untrusted and apparently harmless `Gemfile`'s, it is not expected that they lead to execution of external code, unless that's explicit in the r...
Bundler Bundler
9.3
CVSSv2
CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
Hikvision Ds-2cd2026g2-iu\\/sl Firmware -
Hikvision Ds-2cd2046g2-iu\\/sl Firmware -
Hikvision Ds-2cd2066g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2066g2-iu\\/sl Firmware -
Hikvision Ds-2cd2086g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2086g2-iu\\/sl Firmware -
Hikvision Ds-2cd2166g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-isu Firmware -
Hikvision Ds-2cd2326g2-isu\\/sl Firmware -
Hikvision Ds-2cd2346g2-isu\\/sl Firmware -
Hikvision Ds-2cd2366g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2366g2-isu\\/sl Firmware -
Hikvision Ds-2cd2386g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2386g2-isu\\/sl Firmware -
Hikvision Ds-2cd2426g2-i Firmware -
Hikvision Ds-2cd2446g2-i Firmware -
Hikvision Ds-2cd2526g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2526g2-is Firmware -
Hikvision Ds-2cd2546g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2566g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2586g2-i\\(s\\) Firmware -
1 Metasploit module
31 Github repositories
2 Articles
9.3
CVSSv2
CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 up to and including 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.
Amazon Aws Workspaces
3 Github repositories
9.3
CVSSv2
CVE-2021-1675
Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
1 Metasploit module
134 Github repositories
4 Articles
9.3
CVSSv2
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2004 -
Microsoft Windows Server 20h2 -
Microsoft Windows Server 1903
Microsoft Windows Server 1909
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Synology Directory Server
Samba Samba
Debian Debian Linux 9.0
Oracle Zfs Storage Appliance Kit 8.8
1 Metasploit module
159 Github repositories
16 Articles
9.3
CVSSv2
CVE-2019-1349
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
1 Github repository
1 Article
9.3
CVSSv2
CVE-2019-1352
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
1 Article
9.3
CVSSv2
CVE-2019-1354
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »