3096 matches found

RedHat Linux
added 2025/07/24 7:49 a.m. · 4 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

CVSS 8.6 · AI score 5.8 · EPSS 0.0019
Exploits: 0 · References: 5

RedHat Linux
added 2025/07/23 2:25 p.m. · 4 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

CVSS 8.6 · AI score 5.8 · EPSS 0.0019
Exploits: 0 · References: 5

RedHat Linux
added 2025/07/22 12:3 p.m. · 3 views

gitk: Git file creation flaw

A vulnerability has been identified in the gitk application that could lead to unauthorized file modification or data loss. This flaw manifests in two primary scenarios: - Untrusted Repository Cloning: When a user is tricked into cloning an untrusted Git repository and then uses gitk to visualize...

CVSS 3.6 · AI score 5.7 · EPSS 0.00043
Exploits: 0 · References: 7

RedHat Linux
added 2025/07/22 12:3 p.m. · 3 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

CVSS 8.6 · AI score 5.8 · EPSS 0.0019
Exploits: 0 · References: 5

RedHat Linux
added 2025/07/21 2:51 p.m. · 6 views

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

CVSS 8.6 · AI score 5.8 · EPSS 0.0019
Exploits: 0 · References: 5

OSSF Malicious Packages
added 2025/07/16 7:16 p.m. · 3 views

Malicious code in python-uvicorn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5396386b3e45bc2cc83befa80cc1843f6d8374728a22274ffbbc124319ddc16d Malicious copy of uvicorn package with added healthcheck endpoint that exfiltrates application settings/env vars --- Category: MALICIOUS - The campaign has...

AI score 7
Exploits: 0 · References: 1

OSV
added 2025/07/11 3:15 p.m. · 1 view

CVE-2025-52948

An Improper Handling of Exceptional Conditions vulnerability in Berkeley Packet Filter (BPF) processing of Juniper Networks Junos OS allows an attacker, in rare cases, sending specific, unknown traffic patterns to cause the FPC and system to crash and restart. BPF provides a raw interface to data...

CVSS 8.2 · AI score 5.7
Exploits: 0 · References: 2

SUSE CVE
added 2025/07/09 11:22 p.m. · 1 view

SUSE CVE-2025-48385

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...

CVSS 7.8 · AI score 8.4 · EPSS 0.0019
Exploits: 0 · References: 10

CNNVD
added 2025/07/08 12:0 a.m. · 1 view

Git parameter injection vulnerability

Git is a free, open source distributed version control system open-sourced by Git. Git suffers from a parameter injection vulnerability that stems from the ability of the Git GUI to create and overwrite any writable file when a user clones an untrusted repository and is tricked into editing a fil...

CVSS 8.5 · AI score 8.9 · EPSS 0.00037
Exploits: 0 · References: 5

RedHat Linux
added 2025/07/07 2:28 a.m. · 1 view

webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl

A flaw was found in webkitgtk in versions prior to 2.28.3 and in WPE WebKit in versions prior to 2.28.3. The bubblewrap sandbox failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside...

CVSS 10 · AI score 6.8 · EPSS 0.0217
Exploits: 0 · References: 5

SUSE CVE
added 2025/07/03 12:36 a.m. · 1 view

SUSE CVE-2004-0427

The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory...

CVSS 2.1 · AI score 6.5 · EPSS 0.00164
Exploits: 0 · References: 3

OSSF Malicious Packages
added 2025/06/30 9:13 a.m. · 3 views

Malicious code in nava-clone (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74fb4caf6f9420831f8001a0382c3a357186529a0cf6e822e884eeaa90182ac3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1

OSV
added 2025/06/25 4:37 p.m. · 2 views

CVE-2025-52480 Registrator.jl Argument Injection Vulnerability

Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious or can be injected using upstream vulnerabilities, an argument injection is possible in the...

CVSS 9.3 · AI score 8.2 · EPSS 0.02048
Exploits: 0 · References: 4

RedhatCVE
added 2025/06/25 9:54 a.m. · 4 views

CVE-2025-27387

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 · AI score 7.3 · EPSS 0.00137
Exploits: 0 · References: 1

NVD
added 2025/06/23 10:15 a.m. · 8 views

CVE-2025-27387

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 · EPSS 0.00137
Exploits: 0 · References: 1

CVE
added 2025/06/23 9:28 a.m. · 15 views

CVE-2025-27387

OPPO Clone Phone (CVE-2025-27387) is affected by an information disclosure due to a weak WPA/Wi‑Fi hotspot used to transfer files. The CVE details specify adjacent attack vector with low complexity and no privileges required, yielding confidentiality impact (high) while other impacts are not indi...

CVSS 7.4 · AI score 7.4 · EPSS 0.00137
Exploits: 0 · References: 1

Cvelist
added 2025/06/23 9:28 a.m. · 7 views

CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 · EPSS 0.00137
Exploits: 0 · References: 1

Vulnrichment
added 2025/06/23 9:28 a.m. · 3 views

CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVSS 7.4 · AI score 7.5 · EPSS 0.00137
Exploits: 0 · References: 1

CNNVD
added 2025/06/23 12:0 a.m. · 2 views

OPPO Clone Phone information disclosure vulnerability

OPPO Clone Phone is a cell phone cloning application from the Chinese company OPPO. OPPO Clone Phone suffers from an information leakage vulnerability that originates from the use of a weak password WiFi hotspot to transfer files resulting in information leakage...

CVSS 7.4 · AI score 7.6 · EPSS 0.00137
Exploits: 0 · References: 2

Positive Technologies
added 2025/06/23 12:0 a.m. · 4 views

PT-2025-26584 · Oppo · Oppo Clone Phone

Name of the Vulnerable Software and Affected Versions: OPPO Clone Phone affected versions not specified Description: The issue concerns the use of a weak password for the WiFi hotspot in OPPO Clone Phone, which is used to transfer files. This weakness results in information disclosure...

CVSS 7.4 · AI score 7.4 · EPSS 0.00137
Exploits: 0 · References: 6