Lucene search
K

769 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.2 views

SUSE CVE-2022-41903

Git is distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is a integer overflow in...

7.8CVSS9.2AI score0.44268EPSS
Exploits0References17
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.4 views

IBM Spectrum Scale 格式化字符串错误漏洞

IBM Spectrum Scale is a suite of scalable data and file management solutions from International Business Machines IBM based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping customers reduce storage costs while improvin...

6.5CVSS6.5AI score0.00994EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/02/07 3:52 p.m.4 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/07 3:42 p.m.3 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2023/02/06 8:54 p.m.203 views

CVE-2022-41903

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS4.3AI score0.44268EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/02/06 7:49 p.m.3 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 7:42 p.m.5 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 4:46 p.m.4 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 4:45 p.m.2 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 4:39 p.m.6 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
OSV
OSV
added 2023/02/02 9:13 p.m.3 views

CLSA-2023-1675372413 Fix CVE(s): CVE-2023-0433

SECURITY UPDATE: Reading past the end of a line when formatting text - debian/patches/CVE-2023-0433: Check for not going over the end of the line - CVE-2023-0433...

7.8CVSS7.1AI score0.00555EPSS
Exploits1References1
OSV
OSV
added 2023/01/27 8:43 p.m.27 views

CVE-2022-39380 wire-webapp contains Improper Handling of Exceptional Conditions leading to a DoS via Markdown Rendering

Wire web-app is part of Wire communications. Versions prior to 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error makes it...

5.3CVSS5.2AI score0.00623EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/27 12:0 a.m.7 views

PT-2023-13724 · Wire · Wire

Name of the Vulnerable Software and Affected Versions: Wire web-app versions prior to 2022-11-02 Description: The issue is related to Improper Handling of Exceptional Conditions in the Wire web-app. Certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HT...

5.3CVSS4.9AI score0.00623EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.4 views

Wire 安全漏洞

Wire is a chat program from the German company Wire. The software supports Web, WindowsiOS, Android, and OS X platforms, has a group feature, allows voice calls, sends photos as well as its original greeting method PING. A security vulnerability exists in versions of the Wire web-app prior to...

5.3CVSS5.7AI score0.00623EPSS
Exploits0References2
NVD
NVD
added 2023/01/20 6:15 p.m.20 views

CVE-2023-22910

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

5.4CVSS5.3AI score0.00516EPSS
Exploits1References1
OSV
OSV
added 2023/01/20 6:15 p.m.25 views

CVE-2023-22910

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

5.4CVSS5.3AI score
Exploits0References1
Prion
Prion
added 2023/01/20 6:15 p.m.32 views

Code injection

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

4.9CVSS5.3AI score0.00516EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/20 12:0 a.m.26 views

CVE-2023-22910

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

5.6AI score0.00516EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/20 12:0 a.m.12 views

CVE-2023-22910

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

5.5AI score0.00516EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.5 views

PT-2023-18770 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.9 MediaWiki versions 1.36.x through 1.38.x before 1.38.5 MediaWiki versions 1.39.x before 1.39.1 Description: An issue was discovered in MediaWiki that allows JavaScript execution by staff/admin users who do n...

9.8CVSS5.8AI score0.22699EPSS
Exploits27References101
Rows per page
Query Builder