Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-12976
git-annex prior to 6.20170818 allows remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-20...
Git-annex Project Git-annex
605
VMScore
CVE-2016-3630
The binary delta decoder in Mercurial prior to 3.7.3 allows remote malicious users to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Opensuse Leap 42.1
Mercurial Mercurial
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Opensuse 13.2
593
VMScore
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
578
VMScore
CVE-2022-25766
The package ungit prior to 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possibl...
Ungit Project Ungit
1 Github repository
578
VMScore
CVE-2020-15272
In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been...
Git-tag-annotation-action Project Git-tag-annotation-action
557
VMScore
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usu...
Apache Http Server 2.4.49
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Netapp Cloud Backup -
2 Metasploit modules
157 Github repositories
3 Articles
505
VMScore
CVE-2018-14912
cgit_clone_objects in CGit prior to 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Cgit Project Cgit
Debian Debian Linux 9.0
Debian Debian Linux 8.0
1 EDB exploit
490
VMScore
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial o...
Openstack Neutron 18.0.0
Openstack Neutron
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 10.0
Redhat Openstack Platform 16.2
454
VMScore
CVE-2018-7032
webcheckout in myrepos up to and including 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM malicious user to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or a...
Myrepos Project Myrepos
447
VMScore
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x prior to 11.3.11, 11.4.x prior to 11.4.8, and 11.5.x prior to 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
Gitlab Gitlab
5 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »