Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git 1.1.1 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-5516
The web interface in git (gitweb) 1.5.x prior to 1.5.5 allows remote malicious users to execute arbitrary commands via shell metacharacters related to git_search.
Git Git 0.99.9j
Git Git 0.99.9k
Git Git 0.99.9l
Git Git 0.99.9m
Git Git 0.99.9n
Git Git 1.0.0
Git Git 1.0.0b
Git Git 1.0.3
Git Git 1.0.4
Git Git 1.0.5
Git Git 1.0.6
Git Git 1.0.7
Git Git 1.0.8
Git Git 1.1.1
Git Git 1.1.2
Git Git 1.1.3
Git Git 1.1.4
Git Git 1.1.5
Git Git 1.1.6
Git Git 1.2.0
Git Git 1.2.1
Git Git 1.2.2
668
VMScore
CVE-2006-0477
Buffer overflow in git-checkout-index in GIT prior to 1.1.5 allows remote malicious users to execute arbitrary code via an index file with a long symbolic link.
Git Git 1.0.3
Git Git 1.0.4
Git Git 1.1.2
Git Git 1.1.3
Git Git 1.0.5
Git Git 1.0.6
Git Git 1.1.4
Git Git 1.0.0
Git Git 1.0.0b
Git Git 1.1.0
Git Git 1.1.1
Git Git 1.0.7
Git Git 1.0.8
605
VMScore
CVE-2022-24828
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist...
Getcomposer Composer
Tenable Tenable.sc
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
445
VMScore
CVE-2019-10330
Jenkins Gitea Plugin 1.1.1 and previous versions did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted.
Gitea Gitea
435
VMScore
CVE-2010-3906
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Git Git 1.4.2.4
Git Git 1.4.2
Git Git 1.1.3
Git Git 1.3.2
Git Git 1.0.7
Git Git 1.1.5
Git Git 1.0.3
Git Git 1.2.2
Git-scm Git 0.04
Git-scm Git 0.7.0
Git Git 1.5.2.1
Git Git 1.5.1.5
Git Git 1.4.2.2
Git Git 1.4.2.3
Git Git 1.1.4
Git Git 1.3.1
Git Git 1.1.0
Git Git 1.4.1.1
Git Git 1.0.6
Git Git 1.1.6
Git Git 1.2.3
Git-scm Git 0.5
1 EDB exploit
384
VMScore
CVE-2021-4160
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing privat...
Openssl Openssl 3.0.0
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools 9.2.6.3
Oracle Health Sciences Inform Publisher 6.3.1.1
Oracle Health Sciences Inform Publisher 6.2.1.1
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Oracle Enterprise Manager Ops Center 12.4.0.0
4 Github repositories
383
VMScore
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
231
VMScore
CVE-2017-1000092
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciou...
Jenkins Git 0.9.0
Jenkins Git 0.9.1
Jenkins Git 0.9.2
Jenkins Git 1.0.0
Jenkins Git 1.1.11
Jenkins Git 1.1.12
Jenkins Git 1.1.13
Jenkins Git 1.1.14
Jenkins Git 1.1.28
Jenkins Git 1.1.29
Jenkins Git 1.2.0
Jenkins Git 1.3.0
Jenkins Git 2.2.0
Jenkins Git 2.2.1
Jenkins Git 2.2.2
Jenkins Git 2.2.3
Jenkins Git 2.3.0
Jenkins Git 2.3.1
Jenkins Git 2.3.2
Jenkins Git 2.3.3
Jenkins Git 2.5.0
Jenkins Git 2.5.1
174
VMScore
CVE-2020-0551
Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/c...
Intel Core I7-6700k -
Intel Atom C2750 -
Intel Celeron N2840 -
Intel Xeon E5-2658 V2 -
Intel Core I7-4500u -
Intel Core I7-3632qm -
Intel Xeon E3-1240 V5 -
Intel Xeon D-1649n -
Intel Xeon D-1633n -
Intel Xeon D-1637 -
Intel Xeon D-1627 -
Intel Xeon D-1623n -
Intel Xeon D-1622 -
Intel Xeon D-1653n -
Intel Xeon D-1602 -
Intel Xeon D-2141i -
Intel Xeon D-2177nt -
Intel Xeon D-2161i -
Intel Xeon D-2143it -
Intel Xeon D-2146nt -
Intel Xeon D-2145nt -
Intel Xeon D-2123it -
17 Github repositories
2 Articles
NA
CVE-2022-27664
In net/http in Go prior to 1.18.6 and 1.19.x prior to 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Golang Go 1.19.0
Golang Go
Fedoraproject Fedora 36
Fedoraproject Fedora 37
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »