Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2023-42798
AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the...
Hollowaykeanho Automataci
7.8
CVSSv3
CVE-2023-32184
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local malicious users to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 prior to 0.1.9+git.35.4b9444a.
Opensuse Welcome
9.1
CVSSv3
CVE-2023-26143
Versions of the package blamer prior to 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile() API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the ...
Blamer Project Blamer
8.8
CVSSv3
CVE-2023-4759
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit ...
Eclipse Jgit
3 Github repositories
5.4
CVSSv3
CVE-2023-4878
Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
4.8
CVSSv3
CVE-2023-4879
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 before 2.16.1.-git.
Instantcms Instantcms
7.8
CVSSv3
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters before 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disc...
Saltstack Salt
4.9
CVSSv3
CVE-2023-4704
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
4.7
CVSSv3
CVE-2023-4650
Improper Access Control in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
5.4
CVSSv3
CVE-2023-4652
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »