Exploit for Uncontrolled Search Path Element in Git_Large_File_Storage_Project Git_Large_File_Storage

Git-lfs Remote Code Execution RCE exploit CVE-2020-27955 .b...

RCE via git-lfs in Sourcetree for Windows - CVE-2021-21237

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system. Thi...

RCE via git-lfs in Sourcetree for Windows - CVE-2021-21237

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system. Thi...

RCE via git-lfs in Sourcetree for Windows - CVE-2020-27955

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system...

RCE via git-lfs in Sourcetree for Windows - CVE-2020-27955

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system...

git-lfs Remote Code Execution

/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...

Exploit for Uncontrolled Search Path Element in Git_Large_File_Storage_Project Git_Large_File_Storage

Git-lfs Remote Code Execution RCE exploit CVE-2020-27955 .b...

Git submodules vulnerability in Sourcetree for Windows - CVE-2020-5260

There was a vulnerability in Sourcetree for macOS and windows that could reveal Git user credentials via maliciously crafted URL by an attacker, This vulnerability is triggered when the affected version of Git is used to execute a git clone command on a malicious URL. Affected versions of Atlassi...

Git submodules vulnerability in Sourcetree for Windows - CVE-2020-5260

There was a vulnerability in Sourcetree for macOS and windows that could reveal Git user credentials via maliciously crafted URL by an attacker, This vulnerability is triggered when the affected version of Git is used to execute a git clone command on a malicious URL. Affected versions of Atlassi...

Git submodules vulnerability in Sourcetree for Mac - CVE-2020-5260

There was a vulnerability in Sourcetree for macOS and windows that could reveal Git user credentials via maliciously crafted URL by an attacker, This vulnerability is triggered when the affected version of Git is used to execute a git clone command on a malicious URL. Affected versions of Atlassi...

Git submodules vulnerability in Sourcetree for Mac - CVE-2020-5260

There was a vulnerability in Sourcetree for macOS and windows that could reveal Git user credentials via maliciously crafted URL by an attacker, This vulnerability is triggered when the affected version of Git is used to execute a git clone command on a malicious URL. Affected versions of Atlassi...

Atlassian SourceTree 0.5a < 3.1.3 Remote Code Execution vulnerability

The version of Atlassian SourceTree installed on the remote Windows host is version 0.5a prior to 3.1.3. It is, therefore, affected by a remote code execution vulnerability in the URI handling component. An unauthenticated, remote attacker could exploit this, via sending a malicious URL to a vict...

Atlassian Sourcetree Parameter Injection Vulnerability (CNVD-2019-19302)

Atlassian Sourcetree is a free Git and Mercurial client tool from Atlassian Australia that manages repositories using a visual interface. A parameter injection vulnerability exists in Atlassian Sourcetree versions prior to 3.1.3 for Windows URI processors. The vulnerability stems from a network...

Design/Logic Flaw

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...

CVE-2019-11582

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...

CVE-2019-11582

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...

CVE-2019-11582

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...

CVE-2019-11582

Atlassian SourceTree for Windows is affected by CVE-2019-11582. A remote code execution vulnerability exists in the URI handling component for Windows versions starting with 0.5a up to, but not including, 3.1.3. An unauthenticated attacker can exploit this by sending a crafted URI; user interacti...

Remote code execution vulnerability for Sourcetree for Windows - CVE-2019-11582

There was an argument injection vulnerability in SourceTree for Windows in URI handlers. A remote, unauthenticated attacker was required to convince a user to interact with a crafted URL in order to exploit the vulnerability. With user interaction, an attacker could gained remote code execution o...

Remote code execution vulnerability for Sourcetree for Windows - CVE-2019-11582

There was an argument injection vulnerability in SourceTree for Windows in URI handlers. A remote, unauthenticated attacker was required to convince a user to interact with a crafted URL in order to exploit the vulnerability. With user interaction, an attacker could gained remote code execution o...