3096 matches found
PT-2024-12724 · WordPress · Wp Clone Menu
Name of the Vulnerable Software and Affected Versions: WP Clone Menu versions 1.0.1 and earlier Description: A Missing Authorization issue has been identified. This issue affects the WP Clone Menu plugin. Recommendations: For WP Clone Menu versions 1.0.1 and earlier, at the moment, there is no...
ROS-20240611-16
A vulnerability in the gitpython package is related to external git calls without sufficiently cleaning up input arguments. Exploitation of the vulnerability could allow an attacker acting remotely to inject a malicious remote URL into a clone command...
CVE-2024-35242 Composer vulnerable to command injection via malicious git/hg branch names
Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are availab...
pip: Mercurial configuration injectable in repo revision when installing via pip
A flaw was found in the Python pip package. The pip could allow a local authenticated attacker to bypass security restrictions due to a flaw when installing a package from a Mercurial VCS URL. By sending a specially crafted request, an attacker can inject arbitrary configuration options to the "h...
Exploit for OS Command Injection in Php
CVE-2024-4577 Vulnerability Checker This script is designed t...
Fedora: Security Advisory for rust-bat (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: git
Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...
kernel: netfilter: nf_tables: possible module reference underflow in error path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: possible module reference underflow in error path dst-ops is set on when nftexprclone fails, but module refcount has not been bumped yet, therefore nftexprdestroy leads to module reference underflow...
SUSE CVE-2021-47433
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...
Important: git
Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...
BIT-GIT-2024-32002 Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory...
SUSE CVE-2021-47236
In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no chance to free original skb. fix it by free orginal skb in eemtxfixu...
RUSTSEC-2024-0350 Traversal outside working tree enables arbitrary code execution
Summary During checkout, gitoxide does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. Details Although gix-worktree-state checks for collisions with existing files, it does not...
DEBIAN-CVE-2021-47433
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...
UBUNTU-CVE-2021-47433
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfsreplacefileextents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide...
CVE-2021-47366
Summary (CVE-2021-47366) : In the Linux kernel AFS client vulnerability, reads from an OpenAFS server could be corrupted when file positions or read lengths exceeded 2G, due to switching between FS.FetchData (signed 32-bit pos/len) and FS.FetchData64. The fix captures file server capabilities via...
CVE-2021-47366 afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server
In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
git clone을 통한 Remote Code Execution 공격 CVE-2024-32002 기여자...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from exit tunneling code that uses dstclone and sets the result directly...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
CVE-2024-32002: Exploiting Git RCE via git clone This repos...