6810 matches found

RedHat Linux
added 2023/09/04 3:54 p.m. · 2 views

Mozilla: XLL file extensions were downloadable without warnings

The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...

CVSS: 4.3 · AI score: 7.1 · EPSS: 0.0016
Exploits: 0 · References: 5

RedHat Linux
added 2023/09/04 3:53 p.m. · 1 view

Mozilla: XLL file extensions were downloadable without warnings

The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...

CVSS: 4.3 · AI score: 7.1 · EPSS: 0.0016
Exploits: 0 · References: 5

RedHat Linux
added 2023/09/04 3:52 p.m. · 4 views

Mozilla: XLL file extensions were downloadable without warnings

The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...

CVSS: 4.3 · AI score: 7.1 · EPSS: 0.0016
Exploits: 0 · References: 5

OSV
added 2023/08/31 4:15 p.m. · 1 view

CVE-2023-31169

An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...

CVSS: 5.7 · AI score: 5.8
Exploits: 0 · References: 2

OSV
added 2023/08/30 8:8 p.m. · 0 views

GHSA-95RP-6GQP-6622 Command Injection Vulnerability in find-exec

Older versions of the package are vulnerable to Command Injection as an attacker controlled parameter. As a result, attackers may run malicious commands. For example: const find = require("find-exec"); find("mplayer; touch hacked") This creates a file named "hacked" on the filesystem. You should neve...

CVSS: 9.8 · AI score: 5.9 · EPSS: 0.05116
Exploits: 0 · References: 4

Github Security Blog
added 2023/08/29 11:33 p.m. · 55 views

GitPython untrusted search path on Windows systems leading to arbitrary code execution

Summary: When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment (see big warning in https://docs.python.org/3/library/subprocess.html#popen-constructor). GitPython defaults to use the git command, if a user runs GitPython from a repo has a...

CVSS: 7.8 · AI score: 7.1 · EPSS: 0.00371
Exploits: 1 · References: 9 · Affected Software: 1

OSV
added 2023/08/29 11:33 p.m. · 3 views

GHSA-WFM5-V35H-VWF4 GitPython untrusted search path on Windows systems leading to arbitrary code execution

Summary: When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment (see big warning in https://docs.python.org/3/library/subprocess.html#popen-constructor). GitPython defaults to use the git command, if a user runs GitPython from a repo has a...

CVSS: 8.6 · AI score: 7.3 · EPSS: 0.00371
Exploits: 1 · References: 9

RedhatCVE
added 2023/08/29 10:45 p.m. · 14 views

CVE-2023-40590

A flaw was found in Python/Windows. When resolving a program, it looks for the current working directory followed by the PATH environment. GitPython defaults to use the git command if a user runs GitPython from a repo, has a git.exe, or git executable, that program will run instead of the one in...

CVSS: 7.8 · AI score: 6.3 · EPSS: 0.00371
Exploits: 1 · References: 5

Mozilla
added 2023/08/29 12:0 a.m. · 111 views

Security Vulnerabilities fixed in Firefox 117 — Mozilla

When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been create...

CVSS: 8.6 · AI score: 8.7 · EPSS: 0.00289
Exploits: 0 · References: 15 · Affected Software: 1

NVD
added 2023/08/28 6:15 p.m. · 11 views

CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.6 · EPSS: 0.00371
Exploits: 1 · References: 2

PyPA
added 2023/08/28 6:15 p.m. · 5 views

PYSEC-2023-161

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.6 · EPSS: 0.00371
Exploits: 1 · References: 3 · Affected Software: 1

Prion
added 2023/08/28 6:15 p.m. · 13 views

Design/Logic Flaw

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 4.4 · AI score: 7.5 · EPSS: 0.00371
Exploits: 1 · References: 2 · Affected Software: 1

UbuntuCve
added 2023/08/28 6:15 p.m. · 31 views

CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.1 · EPSS: 0.00371
Exploits: 1 · References: 3

OSV
added 2023/08/28 6:15 p.m. · 0 views

UBUNTU-CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.2 · EPSS: 0.00371
Exploits: 1 · References: 4

OSV
added 2023/08/28 6:15 p.m. · 1 view

PYSEC-2023-161

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.1 · EPSS: 0.00371
Exploits: 1 · References: 2

Debian CVE
added 2023/08/28 5:24 p.m. · 33 views

CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.4 · EPSS: 0.00371
Exploits: 1

OSV
added 2023/08/28 5:24 p.m. · 13 views

CVE-2023-40590 Untrusted search path on Windows systems leading to arbitrary code execution

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

CVSS: 7.8 · AI score: 7.5 · EPSS: 0.00371
Exploits: 1 · References: 4

GithubExploit
added 2023/08/28 4:56 a.m. · 536 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 PoC Proof Of Concept This is an easy to use...

CVSS: 7.8 · AI score: 7.4 · EPSS: 0.93865
Exploits: 49

Positive Technologies
added 2023/08/28 12:0 a.m. · 2 views

PT-2023-4751 · Gitpython +1

Name of the Vulnerable Software and Affected Versions: GitPython (affected versions not specified). Description: The issue is related to how Python interacts with Windows systems, specifically when resolving a program. GitPython defaults to use the git command, and if a user runs it from a repositor...

CVSS: 8.6 · AI score: 6.1 · EPSS: 0.00371
Exploits: 2 · References: 33

CNNVD
added 2023/08/28 12:0 a.m. · 2 views

GitPython code issue vulnerability

GitPython is a Python library for interacting with Git repositories open-sourced by gitpython-developers. A code issue vulnerability exists in GitPython 3.1.32 and earlier versions, which stems from the fact that an attacker can trick a user into downloading a repository with a malicious git...

CVSS: 7.8 · AI score: 7.5 · EPSS: 0.00371
Exploits: 1 · References: 3