Lucene search
+L

4 matches found

opensuse
opensuse
added 2026/03/14 12:0 a.m.4 views

heroic-games-launcher-2.20.1-3.1 on GA media (moderate)

heroic-games-launcher-2.20.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10327-1 Rating: moderate Cross-References: CVE-2026-28292 CVSS scores: CVE-2026-28292 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...

9.8CVSS5.8AI score0.01296EPSS
Exploits1
nvd
nvd
added 2026/03/10 7:17 p.m.14 views

CVE-2026-28292

simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...

9.8CVSS0.01296EPSS
Exploits1References7
cve
cve
added 2026/03/10 6:34 p.m.37 views

CVE-2026-28292

The CVE-2026-28292 entry concerns the Node.js package simple-git. Affected versions are 3.15.0 through 3.32.2 and the issue bypasses prior fixes from CVE-2022-25860 and CVE-2022-25912, enabling full remote code execution on the host. A fix is noted in version 3.23.0. No exploitation details or in...

9.8CVSS6.4AI score0.01296EPSS
Exploits1References7Affected Software1
osv
osv
added 2026/03/10 6:34 p.m.10 views

CVE-2026-28292 simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key that enables RCE

simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...

9.8CVSS6.7AI score0.01296EPSS
Exploits1References9
Rows per page
Query Builder