Lucene search
K

105 matches found

Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.30 views

GLSA-202003-42 : libgit2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-42 libgit2: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths,...

9.3CVSS7.4AI score0.25666EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.30 views

GLSA-202003-30 : Git: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-30 Git: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths, execute...

9.8CVSS7.4AI score0.34007EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2020/01/27 8:55 a.m.86 views

git: Arbitrary path overwriting via export-marks in-stream command feature

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

3.6CVSS5.9AI score0.00427EPSS
Exploits0References5
NVD
NVD
added 2020/01/24 10:15 p.m.18 views

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

3.6CVSS6.6AI score0.00427EPSS
Exploits0References8
OSV
OSV
added 2020/01/24 10:15 p.m.2 views

DEBIAN-CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

3.3CVSS6.9AI score0.00427EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/01/24 9:14 p.m.19 views

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

6.8AI score0.00427EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2020/01/24 9:14 p.m.35 views

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

3.6CVSS7.1AI score0.00427EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/06 12:0 a.m.48 views

Fedora 30 : git (2019-1cec196e20)

Per the upstream release announcement¹, this release fixes 'various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE...

9.8CVSS7AI score0.34007EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2020/01/02 8:56 a.m.6 views

git: Arbitrary path overwriting via export-marks in-stream command feature

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

3.6CVSS5.9AI score0.00427EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/12/19 7:18 p.m.55 views

git: Arbitrary path overwriting via export-marks in-stream command feature

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

3.6CVSS5.9AI score0.00427EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.45 views

Fedora 31 : git (2019-c841bcc3b9)

Per the upstream release announcement¹, this release fixes 'various security flaws, which allowed an attacker to overwrite arbitrary paths, remotely execute code, and/or overwrite files in the .git/ directory etc. See the release notes attached for the list for their descriptions and CVE...

9.8CVSS7AI score0.34007EPSS
Exploits1References12
OSV
OSV
added 2019/12/15 6:3 p.m.11 views

MGASA-2019-0393 Updated git packages fix security vulnerabilities

The updated packages fix security vulnerabilities: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could...

9.3CVSS7.4AI score0.34007EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.53 views

Ubuntu 16.04 LTS / 18.04 LTS : Git vulnerabilities (USN-4220-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4220-1 advisory. Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to...

9.8CVSS7.5AI score0.34007EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2019/12/11 12:21 a.m.33 views

CVE-2019-1348

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

3.6CVSS3.3AI score0.00427EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2019/12/10 7:0 p.m.119 views

USN-4220-1: Git vulnerabilities

Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory...

9.8CVSS7.5AI score0.34007EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/12/10 6:0 p.m.25 views

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

3.6CVSS6.8AI score0.00427EPSS
Exploits0References3
OSV
OSV
added 2019/12/10 6:0 p.m.5 views

UBUNTU-CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

3.3CVSS7.2AI score0.00427EPSS
Exploits0References4
Prion
Prion
added 2019/11/07 9:15 p.m.12 views

Open redirect

syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...

7.5CVSS7.1AI score0.01725EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/11/07 8:19 p.m.18 views

CVE-2010-2476

syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot...

9.5AI score0.01725EPSS
Exploits0References3
OSV
OSV
added 2019/06/20 12:0 a.m.4 views

UBUNTU-CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use...

8.8CVSS7.3AI score0.00516EPSS
Exploits0References7
Rows per page
Query Builder