git git vulnerabilities and exploits
4.8
CVSSv3
CVE-2023-4187
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 before 2.16.1-git.
Instantcms Instantcms
5.5
CVSSv3
CVE-2023-39128
GNU gdb (GDB) 13.0.50.20220805-git contains a stack overflow via the function ada_decode at /gdb/ada-lang.c.
Gnu Gdb 13.0.50.20220805-git
5.5
CVSSv3
CVE-2023-39130
GNU gdb (GDB) 13.0.50.20220805-git contains a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
Gnu Gdb 13.0.50.20220805-git
5.5
CVSSv3
CVE-2023-39129
GNU gdb (GDB) 13.0.50.20220805-git contains a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
Gnu Gdb 13.0.50.20220805-git
8.8
CVSSv3
CVE-2023-37273
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version before 0.4.3 by cloning the git repo and executing `docker compose run auto-gpt` in the repo root uses a different docker-compose.yml file from th...
Agpt Auto-gpt
5.4
CVSSv3
CVE-2023-36828
Statamic is a flat-first, Laravel and Git powered content management system. Prior to version 4.10.0, the SVG tag does not sanitize malicious SVG. Therefore, an attacker can exploit this vulnerability to perform cross-site scripting attacks using SVG, even when using the `sanitiz...
Statamic Statamic
9.8
CVSSv3
CVE-2023-26134
Versions of the package git-commit-info prior to 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject ma...
Git-commit-info Project Git-commit-info
7.5
CVSSv3
CVE-2023-33290
The git-url-parse crate up to and including 0.4.4 for Rust allows Regular Expression Denial of Service (ReDoS) via a crafted URL to normalize_url in lib.rs, a similar issue to CVE-2023-32758 (Python).
Git-url-parse Project Git-url-parse
7.5
CVSSv3
CVE-2023-1428
There exists a vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x != http, https) grpclb_client_stats: x (x == anything) On top of sending one of ...
Grpc Grpc
4.3
CVSSv3
CVE-2023-2013
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 prior to 15.10.8, all versions starting from 15.11 prior to 15.11.7, all versions starting from 16.0 prior to 16.0.2. An issue was found that allows someone to abuse a discrepancy between the We...
Gitlab Gitlab