Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19617
phpMyAdmin prior to 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
Phpmyadmin Phpmyadmin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2011-4121
The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on stron...
Ruby-lang Ruby
9.8
CVSSv3
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center prior to 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 prior to 6.0.10 (the fixed version for 6.0.x), from 6.1.0 prior to 6.1.8 (the fixed version for 6.1.x), from 6.2.0 prior to 6.2.6 (the fixed version for ...
Atlassian Bitbucket
9.8
CVSSv3
CVE-2019-11217
The GitController in Jakub Chodounsky Bonobo Git Server prior to 6.5.0 allows execution of arbitrary commands in the context of the web server via a crafted http request.
Bonobogitserver Bonobo Git Server
9.8
CVSSv3
CVE-2019-4059
IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583.
Ibm Rational Clearcase
9.8
CVSSv3
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter.
Git-dummy-commit Project Git-dummy-commit 1.3.0
9.8
CVSSv3
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Communications Webrtc Session Controller 7.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
1 Github repository
9.8
CVSSv3
CVE-2017-0356
A flaw, similar to to CVE-2016-9646, exists in ikiwiki prior to 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an malicious user to bypass authentication via repeated parameters.
Ikiwiki Ikiwiki
Debian Debian Linux 7.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-17458
In Mercurial prior to 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, b...
Mercurial Mercurial
Debian Debian Linux 7.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-12860
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each pr...
Epson Easymp 2.86
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »