Lucene search
K

4 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/03/14 12:0 a.m.4 views

heroic-games-launcher-2.20.1-3.1 on GA media (moderate)

heroic-games-launcher-2.20.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10327-1 Rating: moderate Cross-References: CVE-2026-28292 CVSS scores: CVE-2026-28292 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...

9.8CVSS5.8AI score0.01296EPSS
Exploits1
NVD
NVD
added 2026/03/10 7:17 p.m.13 views

CVE-2026-28292

simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...

9.8CVSS0.01296EPSS
Exploits1References7
CVE
CVE
added 2026/03/10 6:34 p.m.35 views

CVE-2026-28292

The CVE-2026-28292 entry concerns the Node.js package simple-git. Affected versions are 3.15.0 through 3.32.2 and the issue bypasses prior fixes from CVE-2022-25860 and CVE-2022-25912, enabling full remote code execution on the host. A fix is noted in version 3.23.0. No exploitation details or in...

9.8CVSS6.4AI score0.01296EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/03/10 6:34 p.m.8 views

CVE-2026-28292 simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE

simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...

9.8CVSS6.5AI score0.01296EPSS
Exploits1References4
Rows per page
Query Builder