Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-9706
The build_index_from_tree function in index.py in Dulwich prior to 0.9.9 allows remote malicious users to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
Debian Debian Linux 7.0
Dulwich Project Dulwich
668
VMScore
CVE-2008-3546
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT prior to 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
Git Git 1.5.5.3
Git Git 1.5.5.4
Git Git 1.5.6.3
Git Git 1.5.6.1
Git Git 1.5.6.2
616
VMScore
CVE-2022-24765
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked...
Git-scm Git
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Apple Xcode
Debian Debian Linux 10.0
5 Github repositories
1 Article
614
VMScore
CVE-2022-24767
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
Microsoft Visual Studio 2022
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
Git For Windows Project Git For Windows
613
VMScore
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Exiftool Project Exiftool
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
28 Github repositories
606
VMScore
CVE-2017-12426
GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 8.17.8, 9.0.x prior to 9.0.13, 9.1.x prior to 9.1.10, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.10, and 9.4.x prior to 9.4.4 might allow remote malicious users to execute arbitrary code via a crafted SSH URL in a ...
Gitlab Gitlab 9.2.2
Gitlab Gitlab 9.0.9
Gitlab Gitlab 9.0.2
Gitlab Gitlab 9.4.0
Gitlab Gitlab 9.0.8
Gitlab Gitlab 9.0.1
Gitlab Gitlab 9.0.6
Gitlab Gitlab 9.3.4
Gitlab Gitlab 9.1.6
Gitlab Gitlab 9.0.12
Gitlab Gitlab 9.3.6
Gitlab Gitlab 9.2.8
Gitlab Gitlab 9.1.7
Gitlab Gitlab 9.1.1
Gitlab Gitlab 9.2.4
Gitlab Gitlab 9.3.2
Gitlab Gitlab 9.0.5
Gitlab Gitlab 9.1.8
Gitlab Gitlab 9.3.1
Gitlab Gitlab 9.2.1
Gitlab Gitlab 9.0.0
Gitlab Gitlab 9.1.4
605
VMScore
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center prior to 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 prior to 6.0.10 (the fixed version for 6.0.x), from 6.1.0 prior to 6.1.8 (the fixed version for 6.1.x), from 6.2.0 prior to 6.2.6 (the fixed version for ...
Atlassian Bitbucket
605
VMScore
CVE-2018-20167
Terminology prior to 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X ...
Enlightenment Terminology
605
VMScore
CVE-2017-17831
GitHub Git LFS prior to 2.1.1 allows remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
Git Large File Storage Project Git Large File Storage
605
VMScore
CVE-2017-12976
git-annex prior to 6.20170818 allows remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-20...
Git-annex Project Git-annex
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »