19 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in Git

In connect.c, the git_connect_git function in Git before version 2.30.1 allows a repository path to contain a newline character. This may lead to unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring...

CVSS 7.5, AI score 7.1, EPSS 0.03074
Exploits: 1, References: 2

Tenable Nessus
added 2026/05/11 12:0 a.m., 8 views

Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017428)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017428 advisory. git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as...

CVSS 7.5, AI score 6.8, EPSS 0.03074
Exploits: 1, References: 4

Tenable Nessus
added 2025/08/30 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-13584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available.
- An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free...

CVSS 8.8, AI score 8.2, EPSS 0.04446
Exploits: 1, References: 2

RedhatCVE
added 2025/07/16 8:58 p.m., 5 views

CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...

CVSS 7.9, AI score 7.2, EPSS 0.00122
Exploits: 0, References: 1

Vulnrichment
added 2025/07/14 8:42 p.m., 2 views

CVE-2025-53819 Nix's privilege dropping to build user broke for macOS

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...

CVSS 7.9, AI score 6.4, EPSS 0.00122
Exploits: 0, References: 4

CVE
added 2025/07/14 8:42 p.m., 24 views

CVE-2025-53819

CVE-2025-53819 affects Nix (package manager). On macOS, builds using Nix 2.30.0 ran with elevated privileges (root) instead of the intended build user privileges, due to the privilege-dropping change. The issue is resolved by upgrading to Nix 2.30.1 or later; no public workarounds are documented....

CVSS 7.9, AI score 7.1, EPSS 0.00122
Exploits: 0, References: 4

Debian CVE
added 2025/07/14 8:42 p.m., 5 views

CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...

CVSS 7.9, AI score 5.4, EPSS 0.00122
Exploits: 0

Positive Technologies
added 2025/07/14 12:0 a.m., 6 views

PT-2025-29514 · Nix · Nix

Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.30.1
Description: Nix, a package manager for Linux and other Unix systems, exhibited a privilege escalation issue on macOS. Builds executed with Nix 2.30.0 were performed with elevated privileges (root) instead of the...

CVSS 7.9, AI score 6.6, EPSS 0.00122
Exploits: 0, References: 8

Positive Technologies
added 2023/07/12 12:0 a.m., 7 views

PT-2023-26191 · Jenkins · Jenkins Active Directory Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Active Directory Plugin versions 2.30 and earlier
Description: The issue allows attackers to capture network traffic between the Jenkins controller and Active Directory servers, potentially obtaining Active Directory credentials. This...

CVSS 5.9, AI score 5.6, EPSS 0.00384
Exploits: 0, References: 6

Tenable Nessus
added 2022/02/09 12:0 a.m., 43 views

AlmaLinux 8 : GNOME (ALSA-2021:4381)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4381 advisory.
- A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lea...

CVSS 9.8, AI score 8, EPSS 0.14542
Exploits: 8, References: 30

OSV
added 2021/08/31 4:15 a.m., 1 views

DEBIAN-CVE-2021-40330

git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring...

CVSS 7.5, AI score 7.5, EPSS 0.03074
Exploits: 1, References: 1

OSV
added 2021/08/31 4:15 a.m., 2 views

ALPINE-CVE-2021-40330

git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring...

CVSS 7.5, AI score 7, EPSS 0.03074
Exploits: 1, References: 1

OSV
added 2021/03/03 6:15 p.m., 2 views

DEBIAN-CVE-2020-13558

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free...

CVSS 8.8, AI score 8.4, EPSS 0.01792
Exploits: 1, References: 1

UbuntuCve
added 2021/02/15 12:0 a.m., 56 views

CVE-2020-13558

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free...

CVSS 8.8, AI score 7.6, EPSS 0.01792
Exploits: 1, References: 3

OSV
added 2021/02/15 12:0 a.m., 1 views

UBUNTU-CVE-2020-13558

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free...

CVSS 8.8, AI score 7.7, EPSS 0.01792
Exploits: 1, References: 4

Positive Technologies
added 2021/01/07 12:0 a.m., 7 views

PT-2021-8149 · Git +5 · Git +5

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.30.1
Description: The issue is related to the git_connect_git function in the connect.c component of the Git distributed version control system. It allows a repository path to contain a newline character, which may...

CVSS 9.8, AI score 6.8, EPSS 0.88644
Exploits: 12, References: 74

CNVD
added 2019/12/25 12:0 a.m., 4 views

CloudBees Jenkins Gerrit Trigger plugin cross-site request forgery vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. A cross-site request forgery vulnerability exists in CloudBees Jenkins Gerrit Trigger Plugin 2.30.1 and prior versions. The vulnerability stems from a WEB...

CVSS 8.8, AI score 6.9, EPSS 0.00691
Exploits: 0, References: 1

Tenable Nessus
added 2014/02/12 12:0 a.m., 30 views

Fedora 19 : graphviz-2.30.1-12.fc19 (2014-0621)

This is an update that fixes CVE-2014-1235 and CVE-2014-1236. This is an update that fixes overflow in yyerror. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it a...

CVSS 10, AI score 6.8, EPSS 0.06082
Exploits: 2, References: 7

0day.today
added 2010/10/31 12:0 a.m., 28 views

AdmixDJ DLL Hijacking Exploit (svctaglib.dll)

Exploit for Windows platform in category local exploits. AdmixDJ DLL Hijacking Exploit (svctaglib.dll)...

AI score 6.8
Exploits: 0