Lucene search
+L

97 matches found

Microsoft CVE
Microsoft CVE
added 2025/07/08 2:0 p.m.7 views

GitHub: CVE-2025-27613 Gitk Arguments Vulnerability

CVE-2025-27613 is regarding a vulnerability in Gitk where when a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of thi...

3.6CVSS6.4AI score0.00287EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/08 2:0 p.m.8 views

GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...

8.6CVSS6.1AI score0.00314EPSS
Exploits0
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

Gitk 操作系统命令注入漏洞

Gitk is an open source graphical tool that comes with Git for viewing information such as commit history and branch structure of a Git repository. Gitk suffers from an operating system command injection vulnerability that stems from the following: a user who clones the repository can be tricked...

8.6CVSS9.1AI score0.00314EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.3 views

Gitk 操作系统命令注入漏洞

Gitk is an open source graphical tool that comes with Git to view information such as commit history and branch structure of Git repositories. Gitk suffers from an operating system command injection vulnerability that stems from the ability to create and truncate any writable file when a user...

3.6CVSS7.2AI score0.00287EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.1 views

Astra Linux – Vulnerability in Git

Gitk is a Tcl/Tk-based Git history browser. Starting with version 2.41.0, a Git repository can be manipulated in such a way that, through some social engineering, a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... provided by the...

8.6CVSS7.1AI score0.00314EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Git

Gitk is a Tcl/Tk-based Git history browser. Starting with version 1.7.0, when a user clones an untrusted repository and runs Gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option “Support per-file encoding” must have been...

3.6CVSS6.5AI score0.00287EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/14 8:38 p.m.6 views

CVE-2023-23618 gitk can inadvertently call executables in the worktree

Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when gitk is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running...

8.6CVSS8.8AI score0.00385EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/14 8:38 p.m.41 views

CVE-2023-23618 gitk can inadvertently call executables in the worktree

Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when gitk is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running...

8.6CVSS8.8AI score0.00385EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.3 views

PT-2023-5950 · Git · Git

Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.39.2 Description: The issue is related to the execution of untrusted code when gitk is run on Windows. This can be exploited through social engineering to trick users into running untrusted code. The proble...

8.6CVSS8AI score0.00385EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/01/19 12:0 a.m.9 views

Ubuntu 18.04 LTS / 20.04 LTS : Git regression (USN-5810-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5810-2 advisory. USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Tenab...

5.6AI score
Exploits0References1
Cent OS
Cent OS
added 2017/08/24 9:43 a.m.106 views

emacs, git, gitk, gitweb, perl security update

CentOS Errata and Security Advisory CESA-2017:2484 An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.8AI score0.77823EPSS
Exploits9References7
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.9 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the integrity of protected information.

The vulnerability of the gitk-1.7.1 package for the CentOS operating system can lead to a breach of protected information. Exploiting this vulnerability can be carried out remotely...

4.3CVSS5.4AI score0.01661EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the integrity of protected information.

The vulnerability of the gitk-1.7.1 package for the Red Hat Enterprise Linux operating system can lead to a breach of protected information. This vulnerability can be exploited remotely...

4.3CVSS5.4AI score0.01661EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the gitk package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.02507EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.41 views

openSUSE Security Update : git (openSUSE-SU-2013:0380-1)

git imap-send was fixed to do SSL host verification. This can be disabled if necessary in the config file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-170. The text descripti...

4.3CVSS6.5AI score0.01661EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/04/28 12:0 a.m.12 views

Debian Security Advisory DSA 1777-1 (git-core)

The remote host is missing an update to git-core announced via advisory DSA 1777-1. OpenVAS Vulnerability Test $Id: deb17771.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1777-1 git-core Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/12/22 12:0 a.m.38 views

Fedora 9 : git-1.5.6.6-1.fc9 (2008-11650)

This update fixes a local privilege escalation bug in gitweb. For details: http://article.gmane.org/gmane.comp.version-control.git/103624 Additionally, gitk has been added as a requirement of git-gui bug 476308 and perlNet::SMTP::SSL has been added as a requirement of git-send-email bug 443615...

4.6CVSS5.2AI score0.00458EPSS
Exploits0References4
Rows per page
Query Builder