
7 matches found

GitHub Security Blog
added 6 days ago · 13 views

Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows

Impact Arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accepted tree entries whose filenames contained bytes that Windows interprets as structural path syntax: - \ — the Windows path...

CVSS 9.8 · AI score 7.8 · EPSS 0.19687
Exploits 0 · References 3 · Affected Software 1
OSV
added 2025/10/09 2:25 p.m. · 1 views

SUSE-SU-2025:20855-1 Security update for git

This update for git fixes the following issues: Update to 2.51.0: - CVE-2025-27613: arbitrary writable file creation and truncation in Gitk bsc1245938 - CVE-2025-27614: arbitrary script execution via repo clonation in gitk bsc1245939 - CVE-2025-46835: untrusted repository cloning can lead to...

CVSS 8.6 · AI score 7.2 · EPSS 0.00603
Exploits 9 · References 13
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-43543

Malicious code in bioql PyPI...

CVSS 2.4 · AI score 4.4 · EPSS 0.00014
Exploits 1 · References 1
OSV
added 2024/05/14 7:15 p.m. · 2 views

AZL-42022 CVE-2024-32004 affecting package git for versions less than 2.39.4-1

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1,...

CVSS 8.1 · AI score 7.2 · EPSS 0.02439
Exploits 0 · References 1
OSV
added 2023/12/05 12:15 a.m. · 3 views

CVE-2023-26941

Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original...

CVSS 6.5 · AI score 6.8 · EPSS 0.00109
Exploits 4 · References 2
Positive Technologies
added 2023/12/04 12:0 a.m. · 2 views

PT-2023-20863 · Yale · Yale Ia-210 Alarm

Name of the Vulnerable Software and Affected Versions: Yale IA-210 Alarm version 1.0 Description: The issue is related to weak encryption mechanisms in RFID Tags, allowing attackers to create a cloned tag via physical proximity to the original. Recommendations: For Yale IA-210 Alarm version 1.0,...

CVSS 8.1 · AI score 6.5 · EPSS 0.00109
Exploits 4 · References 6
CNNVD
added 2023/05/03 12:0 a.m. · 1 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a security vulnerability that stems from the fact that maj...

CVSS 8 · AI score 8.1 · EPSS 0.00546
Exploits 0 · References 5