Lucene search
K

219 matches found

OpenVAS
OpenVAS
added 2020/08/31 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for libgit2 (EulerOS-SA-2020-1861)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.0511EPSS
Exploits0References2
Securelist
Securelist
added 2020/07/14 10:0 a.m.55 views

The Tetrade: Brazilian banking malware goes global

Introduction Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the worlds busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their cyberattacks have a stron...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/04/29 2:10 p.m.40 views

CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS3.5AI score0.24014EPSS
Exploits0References3
OSV
OSV
added 2020/04/27 5:15 p.m.1 views

DEBIAN-CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS9.3AI score0.0511EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/04/27 5:15 p.m.25 views

CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS7.8AI score0.0511EPSS
Exploits0References5
Prion
Prion
added 2020/04/27 5:15 p.m.23 views

Remote code execution

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

7.5CVSS8.6AI score0.24014EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2020/04/27 5:15 p.m.1 views

UBUNTU-CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS7.8AI score0.0511EPSS
Exploits0References6
Microsoft Secure
Microsoft Secure
added 2020/03/23 4:0 p.m.120 views

Latest Astaroth living-off-the-land attacks are even more invisible but not less observable

Following a short hiatus, Astaroth came back to life in early February sporting significant changes in its attack chain. Astaroth is an info-stealing malware that employs multiple fileless techniques and abuses various legitimate processes to attempt running undetected on compromised machines. Th...

Exploits0
exploitpack
exploitpack
added 2020/01/29 12:0 a.m.92 views

Microsoft Windows 10 - Theme API ThemePack File Parsing

Microsoft Windows 10 - Theme API ThemePack File Parsing Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10...

9.3CVSS0.1AI score0.59885EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.952 views

Microsoft Windows 10 - Theme API 'ThemePack' File Parsing

Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10 v.1803 17134.407 Tested on: Windows 7, 8.0, 8.1, 10, Serve...

9.3CVSS7.6AI score0.46406EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2020/01/27 8:55 a.m.5 views

git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387...

9.3CVSS8.1AI score0.24014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/01/02 8:56 a.m.8 views

git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387...

9.3CVSS8.1AI score0.24014EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.69 views

Oracle Linux 8 : git (ELSA-2019-4356)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4356 advisory. - Remote code execution in recursive clones with nested submodules Resolves: CVE-2019-1387 Tenable has extracted the preceding description block direct...

9.3CVSS7.7AI score0.34007EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/12/19 7:18 p.m.9 views

git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387...

9.3CVSS8.1AI score0.24014EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/12/13 12:0 a.m.160 views

Amazon Linux AMI : git (ALAS-2019-1325)

The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. ...

9.8CVSS7.1AI score0.34007EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2019/12/10 12:0 a.m.2 views

PT-2019-6259 · Libgit2 +3 · Libgit2 +3

Name of the Vulnerable Software and Affected Versions: libgit2 versions prior to 0.28.4 libgit2 versions 0.9x prior to 0.99.0 Description: The issue is related to the path.c component of libgit2, which mishandles equivalent filenames due to NTFS Alternate Data Streams. This may allow a remote...

10CVSS7.4AI score0.24014EPSS
Exploits1References59
myhack58
myhack58
added 2019/04/16 12:0 a.m.159 views

. NET advanced code audit of the nine classes BinaryFormatter deserialization vulnerability-vulnerability warning-the black bar safety net

The BinaryFormatter and SoapFormatter two classes the difference between the data streams of different formats, other features on both about the same, the BinaryFormatter is located in the namespace System. Runtime. Serialization. Formatters. Binary it is the direct use of binary the way the obje...

2.1AI score
Exploits0
Fedora
Fedora
added 2019/03/21 9:9 p.m.42 views

[SECURITY] Fedora 28 Update: tcpflow-1.5.0-4.fc28

tcpflow is a program that captures data transmitted as part of TCP connections flows, and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being...

5.5CVSS2.2AI score0.01302EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.9 views

The vulnerability of the Libvirt virtualization management library, related to a bug that leads to excessive memory consumption, allows a hacker to trigger a service failure.

The vulnerability of the Libvirt virtualization management library is related to an error that causes excessive memory consumption when processing large data streams by QEMU. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.5AI score0.02955EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2018/12/18 12:0 a.m.5 views

The vulnerability of the Libvirt virtualization management library, related to a bug that leads to excessive memory consumption, allows a hacker to trigger a service failure.

The vulnerability of the Libvirt virtualization management library is related to an error that causes excessive memory consumption when processing large data streams by QEMU. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.5AI score0.03175EPSS
Exploits0References6Affected Software4
Rows per page
Query Builder