Lucene search
K

26 matches found

OSV
OSV
added 2026/01/13 9:54 p.m.2 views

GHSA-7VP9-X248-9VR9 TYPO3 CMS Allows Insecure Deserialization via Mailer File Spool

Problem Local platform users who can write to TYPO3’s mail‑file spool directory can craft a file that the system will automatically deserialize without any class restrictions. This flaw allows an attacker to inject and execute arbitrary PHP code in the public scope of the web server. The...

5.2CVSS7.6AI score0.00165EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-23700

Malware in sbrugna...

6.5CVSS6.5AI score0.00294EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-14826

Malware in sbrugna...

6.5CVSS6.6AI score0.00468EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.6 views

CVE-2021-37124

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...

6.5CVSS6.6AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.6 views

CVE-2019-5221

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected...

6.5CVSS7AI score0.00468EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/01/23 9:34 a.m.3 views

go-git: argument injection via the URL field

An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport...

9.8CVSS7.4AI score0.0124EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/20 1:40 a.m.2 views

go-git: argument injection via the URL field

An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport...

9.8CVSS7.4AI score0.0124EPSS
Exploits0References6
Veracode
Veracode
added 2025/01/13 7:48 a.m.12 views

Argument Injection

github.com/go-git/go-git is vulnerable to an Argument Injection. The vulnerability is due to improper validation of input arguments passed to the git-upload-pack flags, which allows arbitrary values to be injected when using the file transport protocol...

9.8CVSS7.2AI score0.0124EPSS
Exploits0References3Affected Software2
SUSE CVE
SUSE CVE
added 2025/01/10 12:19 a.m.5 views

SUSE CVE-2025-21613

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

8.1CVSS7.4AI score0.0124EPSS
Exploits0References17
NVD
NVD
added 2025/01/06 5:15 p.m.33 views

CVE-2025-21613

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.7 views

AZL-55088 CVE-2025-21613 affecting package cri-o for versions less than 1.22.3-12

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.3 views

DEBIAN-CVE-2025-21613

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.2CVSS7.1AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.7 views

AZL-55060 CVE-2025-21613 affecting package packer for versions less than 1.9.5-5

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.6 views

AZL-55094 CVE-2025-21613 affecting package packer for versions less than 1.9.5-7

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.5 views

AZL-55067 CVE-2025-21613 affecting package cri-o 1.30.1-1

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.2 views

UBUNTU-CVE-2025-21613

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References4
CVE
CVE
added 2025/01/06 4:13 p.m.437 views

CVE-2025-21613

CVE-2025-21613 affects the go-git library. Affected: go-git prior to 5.13.0. Issue: argument injection vulnerability allowing an attacker to set arbitrary values on git-upload-pack flags when using the file transport protocol (shelling out to git binaries). Impact: potential disclosure/integrity/...

9.8CVSS9.3AI score0.0124EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/06 12:0 a.m.7 views

PT-2025-1014

Name of the Vulnerable Software and Affected Versions go-git versions prior to v5.13 Description An argument injection vulnerability was discovered in go-git. The successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.9CVSS7.2AI score0.75197EPSS
Exploits7References112
NVD
NVD
added 2021/10/27 1:15 a.m.24 views

CVE-2021-37124

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...

6.5CVSS0.00294EPSS
Exploits0References1
Prion
Prion
added 2021/10/27 1:15 a.m.15 views

Path traversal

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...

3.3CVSS6.2AI score0.00294EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder