Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2019-1350
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
1 Article
9.3
CVSSv2
CVE-2019-19604
Arbitrary command execution is possible in Git prior to 2.20.2, 2.21.x prior to 2.21.1, 2.22.x prior to 2.22.2, 2.23.x prior to 2.23.1, and 2.24.x prior to 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious re...
Git-scm Git
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
9.3
CVSSv2
CVE-2019-3462
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and previous versions can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Debian Advanced Package Tool
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Active Iq -
10 Github repositories
1 Article
9.3
CVSSv2
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
9.3
CVSSv2
CVE-2018-1335
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to ...
Apache Tika
2 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2015-8968
git-fastclone prior to 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an un...
Squareup Git-fastclone
9.3
CVSSv2
CVE-2013-0757
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox prior to 18.0, Firefox ESR 17.x prior to 17.0.2, Thunderbird prior to 17.0.2, Thunderbird ESR 17.x prior to 17.0.2, and SeaMonkey prior to 2.15 does not prevent modifications to the prototype of an object, which al...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
2 EDB exploits
2 Metasploit modules
1 Github repository
9.3
CVSSv2
CVE-2013-0758
Mozilla Firefox prior to 18.0, Firefox ESR 10.x prior to 10.0.12 and 17.x prior to 17.0.2, Thunderbird prior to 17.0.2, Thunderbird ESR 10.x prior to 10.0.12 and 17.x prior to 17.0.2, and SeaMonkey prior to 2.15 allow remote malicious users to execute arbitrary JavaScript code wi...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 5.9
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 5.9
Redhat Enterprise Linux Workstation 5.0
2 EDB exploits
2 Metasploit modules
1 Github repository
9
CVSSv2
CVE-2022-1025
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
Linuxfoundation Argo-cd
9
CVSSv2
CVE-2022-23118
Jenkins Debian Package Builder Plugin 1.6.11 and previous versions implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the c...
Jenkins Debian Package Builder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »