366 matches found
CVE-2016-3105
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
PYSEC-2016-28
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
Code injection
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
CVE-2016-3105
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
CVE-2016-3105
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
CVE-2016-3105
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
Amazon Linux AMI : mercurial (ALAS-2016-697)
It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. CVE-2016-3068 The binary delta decoder in Mercurial before 3.7.3 allows remote...
Important: Red Hat Security Advisory: mercurial security update
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
PYSEC-2016-27
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
Code injection
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
PYSEC-2016-27
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
CVE-2016-3069
CVE-2016-3069 affects Mercurial up to version 3.7.2, where a crafted Git repository name used during conversion can cause remote code execution. The root cause is insufficient sanitization in the convert path when handling Git sub-repository URLs/names, enabling arbitrary code execution. Impact i...
Amazon Linux: Security Advisory (ALAS-2016-672)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AVM FRITZ!Box 6.30 - Remote Buffer Overflow
AVM FRITZ!Box 6.30 - Remote Buffer Overflow Advisory: AVM FRITZ!Box: Remote Code Execution via Buffer Overflow RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device...
HTTP Git Scanner
This module can detect situations where there may be information disclosure vulnerabilities that occur when a Git repository is made available over HTTP. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Web Server Exposed Git Repository Information Disclosure
An information disclosure vulnerability has been reported in Git Repository. Successful exploitation of this vulnerability could allow an unintentional disclosure of account information...