gitoxide Security Vulnerability
gitoxide is a git implementation written in Rust by the individual developer Sebastian Thiel. A security vulnerability exists in gitoxide that originated from not eliminating line breaks, backspaces, or control characters that appear in repository paths, author and committer names, commit message...
Important: yum
Issue Overview: Amazon Linux customers may have experienced an issue with our repository metadata in all regions. During this time, EC2 instances accessing metadata from our repositories experienced 500 MB of increased disk usage. Affected Packages: yum. Note: This advisory is applicable to Amazon...
CVE-2021-22865
Summary. CVE-2021-22865 is an improper access control vulnerability in GitHub Enterprise Server that allows access tokens generated from a GitHub App’s web authentication flow to read private repository metadata via the REST API without granted permissions. Prerequisites: an attacker must create ...
PT-2021-15238 · GitHub · GitHub Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.0.4; GitHub Enterprise Server versions prior to 2.22.10; GitHub Enterprise Server versions prior to 2.21.18. Description: An improper access control issue was identified that allowed access tokens...
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories.
...
[SECURITY] Fedora 32 Update: librepo-1.12.1-1.fc32
A library providing C and Python libcURL like API to downloading repository metadata...
Librepo Directory Traversal Vulnerability
Librepo is a library that provides C and Python APIs for downloading packages in rpm-md format and linux repository metadata. A directory traversal vulnerability exists in the Librepo product. The vulnerability stems from a failure of a networked system or product to properly filter special...
Privilege Escalation
yum-rhn-plugin is vulnerable to privilege escalation. The vulnerability exists as it was discovered that yum-rhn-plugin did not verify the SSL certificate for all communication with a Red Hat Network server. An attacker able to redirect the network communication between a victim and an RHN server...