Lucene search
+L

7 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/04/26 7:49 p.m.56 views

Metasploit Weekly Wrap-Up 04/26/24

Rancher Modules This week, Metasploit community member h00die added the second of two modules targeting Rancher instances. These modules each leak sensitive information from vulnerable instances of the application which is intended to manage Kubernetes clusters. These are a great addition to...

7.5CVSS10AI score0.99999EPSS
Exploits62
0day.today
0day.today
added 2024/04/23 12:0 a.m.523 views

GitLens Git Local Configuration Execution Exploit

GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a malicious config file to execute arbitrary code. Tested against VSCode 1.87.2 with GitLens 13.6.0 on Ubuntu 22.04 and Windows 10. This module require...

7.8CVSS8AI score0.01322EPSS
Exploits4
Metasploit
Metasploit
added 2024/04/19 7:51 p.m.271 views

GitLens Git Local Configuration Exec

GitKraken GitLens before v.14.0.0 allows an untrusted workspace to execute git commands. A repo may include its own .git folder including a malicious config file to execute arbitrary code. Tested against VSCode 1.87.2 with GitLens 13.6.0 on Ubuntu 22.04 and Windows 10 Module Options msf use...

7.8CVSS7.8AI score0.01322EPSS
Exploits4
Circl
Circl
added 2023/12/20 9:42 a.m.9 views

CVE-2023-46944

creationtimestamp| type| source ---|---|--- 2023-12-20 09:42:30+00:00| seen| https://t.me/ctinow/156827 2024-04-19 00:45:19+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/fileformat/gitlenslocalconfigexec.rb 2024-04-20 00:44:19+00:00| seen|...

7.8CVSS7.5AI score0.01322EPSS
Exploits4References4
NVD
NVD
added 2023/11/28 10:15 p.m.33 views

CVE-2023-46944

An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component...

7.8CVSS0.01322EPSS
Exploits4References2
ATTACKERKB
ATTACKERKB
added 2023/11/28 10:15 p.m.64 views

CVE-2023-46944

An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component...

7.8CVSS6.2AI score0.01322EPSS
Exploits4References4
CVE
CVE
added 2023/11/28 12:0 a.m.58 views

CVE-2023-46944

CVE-2023-46944 affects GitKraken GitLens plugins for VSCode prior to 14.0.0. A crafted file can be used to coerce the Visual Studio Code workspace trust component into executing arbitrary code, via a local attack vector. Root cause cited: insufficient input validation in GitLens workflow context ...

7.8CVSS7.7AI score0.01322EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder