CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3098 matches found

Tenable Nessus•added 2023/01/05 12:0 a.m.•42 views

EulerOS 2.0 SP11 : git (EulerOS-SA-2023-1034)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and...

8.8CVSS7.4AI score0.02579EPSS

Exploits1References3

Snyk•added 2022/12/20 1:16 p.m.•1 views

Remote Code Execution (RCE)

Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE via the clone, pull, push and listRemote methods, due to improper input sanitization. This vulnerability exists due to...

9.8CVSS7.6AI score0.34733EPSS

Exploits2References2

Cvelist•added 2022/12/12 1:49 a.m.•27 views

CVE-2022-24439 Remote Code Execution (RCE)

All versions of package gitpython are vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...

8.1CVSS9.8AI score0.68859EPSS

Exploits1References8

Vulnrichment•added 2022/12/12 1:49 a.m.•5 views

CVE-2022-25912 Remote Code Execution (RCE)

The package simple-git before 3.15.0 are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...

8.1CVSS7.8AI score0.27739EPSS

Exploits1References5

Veracode•added 2022/12/08 3:15 a.m.•28 views

Remote Code Execution (RCE)

simple-git is vulnerable to remote code execution.The vulnerability exists in the clone function of git.js because of enabling the ext transport protocol which allows an attacker to inject and execute arbitrary codes into the system. This is an incomplete fix of CVE-2022-24066...

9.8CVSS9.4AI score0.27739EPSS

Exploits2References5Affected Software1

RedhatCVE•added 2022/12/07 3:1 p.m.•36 views

CVE-2022-24439

A remote code execution vulnerability exists in Git-python. By injecting a malicious URL into the clone command, an attacker can exploit this vulnerability as the library makes external calls to git without any input sanitization. This issue leads to complete system compromise...

9.8CVSS4AI score0.68859EPSS

Exploits1References4

Github Security Blog•added 2022/12/06 6:30 a.m.•41 views

GitPython vulnerable to Remote Code Execution due to improper user input validation

9.8CVSS3.9AI score0.68859EPSS

Exploits1References20Affected Software1

OSV•added 2022/12/06 6:30 a.m.•35 views

GHSA-9P95-FXVG-QGQ2 simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol

The package simple-git before 3.15.0 is vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...

8.1CVSS9AI score0.27739EPSS

Exploits1References7

Github Security Blog•added 2022/12/06 6:30 a.m.•29 views

simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol

9.8CVSS4.5AI score0.27739EPSS

Exploits1References7Affected Software1

OSV•added 2022/12/06 6:30 a.m.•2 views

GHSA-HCPJ-QP55-GFPH GitPython vulnerable to Remote Code Execution due to improper user input validation

9.2CVSS7.3AI score0.68859EPSS

Exploits1References20

OSV•added 2022/12/06 5:15 a.m.•20 views

CVE-2022-25912

9.8CVSS9.8AI score

Exploits0References5

OSV•added 2022/12/06 5:15 a.m.•21 views

CVE-2022-24439

9.8CVSS9.6AI score

Exploits0References9

OSV•added 2022/12/06 5:15 a.m.•1 views

DEBIAN-CVE-2022-24439

9.8CVSS8.6AI score0.68859EPSS

Exploits1References1

Prion•added 2022/12/06 5:15 a.m.•19 views

Design/Logic Flaw

7.5CVSS9.6AI score0.27739EPSS

Exploits2References5Affected Software1

UbuntuCve•added 2022/12/06 5:15 a.m.•78 views

CVE-2022-24439

9.8CVSS7.2AI score0.68859EPSS

Exploits1References5

OSV•added 2022/12/06 5:15 a.m.•0 views

PYSEC-2022-42992

9.8CVSS7.3AI score0.68859EPSS

Exploits1References4

PyPA•added 2022/12/06 5:15 a.m.•5 views

PYSEC-2022-42992

9.8CVSS7.7AI score0.68859EPSS

Exploits1References7Affected Software1

OSV•added 2022/12/06 5:15 a.m.•2 views

UBUNTU-CVE-2022-24439

9.8CVSS7.3AI score0.68859EPSS

Exploits1References6

Positive Technologies•added 2022/12/06 12:0 a.m.•2 views

PT-2022-17600

Name of the Vulnerable Software and Affected Versions simple-git versions prior to 3.15.0 Description The issue allows for Remote Code Execution RCE when the ext transport protocol is enabled, making it exploitable via the clone method. This is due to an incomplete fix of a previous issue...

9.8CVSS8.6AI score0.27739EPSS

Exploits1References19

CNNVD•added 2022/12/06 12:0 a.m.•3 views

Simple Git 操作系统命令注入漏洞

Simple Git is a lightweight interface from Steve King Personal Developer in the UK. It is used to run Git commands in any Node.js application. An operating system command injection vulnerability exists in Simple Git versions prior to 3.15.0, which stems from vulnerability to Remote Code Execution...

9.8CVSS8.5AI score0.27739EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by