Vulmon
git vulnerabilities and exploits
5.5
CVSSv3
CVE-2023-45511
A memory leak in tsMuxer version git-2539d07 allows malicious users to cause a Denial of Service (DoS) via a crafted MP4 file.
Justdan96 Tsmuxer Nightly-2023-10-05-01-55-56
7.5
CVSSv3
CVE-2023-43809
Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote malicious user to bypass public key authentication when keyboard-interactive SSH authentication is active, through ...
Charm Soft Serve
9.1
CVSSv3
CVE-2023-42798
AutomataCI is a template git repository equipped with native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the...
Hollowaykeanho Automataci
7.8
CVSSv3
CVE-2023-32184
An Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local malicious users to execute code as the user that runs opensuse-welcome if a custom layout is chosen. This issue affects opensuse-welcome: from 0.1 prior to 0.1.9+git.35.4b9444a.
Opensuse Welcome
9.1
CVSSv3
CVE-2023-26143
Versions of the package blamer prior to 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the ...
Blamer Project Blamer
8.8
CVSSv3
CVE-2023-4759
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0. In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit ...
Eclipse Jgit
2 Github repositories
5.4
CVSSv3
CVE-2023-4878
Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
4.8
CVSSv3
CVE-2023-4879
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 before 2.16.1.-git.
Instantcms Instantcms
7.8
CVSSv3
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters before 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disc...
Saltstack Salt
4.9
CVSSv3
CVE-2023-4704
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms