26 matches found
GHSA-7VP9-X248-9VR9 TYPO3 CMS Allows Insecure Deserialization via Mailer File Spool
Problem Local platform users who can write to TYPO3’s mail‑file spool directory can craft a file that the system will automatically deserialize without any class restrictions. This flaw allows an attacker to inject and execute arbitrary PHP code in the public scope of the web server. The...
EUVD-2021-23700
Malware in sbrugna...
EUVD-2019-14826
Malware in sbrugna...
CVE-2021-37124
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...
CVE-2019-5221
There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected...
go-git: argument injection via the URL field
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport...
go-git: argument injection via the URL field
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport...
Argument Injection
github.com/go-git/go-git is vulnerable to an Argument Injection. The vulnerability is due to improper validation of input arguments passed to the git-upload-pack flags, which allows arbitrary values to be injected when using the file transport protocol...
SUSE CVE-2025-21613
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
CVE-2025-21613
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
AZL-55088 CVE-2025-21613 affecting package cri-o for versions less than 1.22.3-12
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
DEBIAN-CVE-2025-21613
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
AZL-55060 CVE-2025-21613 affecting package packer for versions less than 1.9.5-5
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
AZL-55094 CVE-2025-21613 affecting package packer for versions less than 1.9.5-7
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
AZL-55067 CVE-2025-21613 affecting package cri-o 1.30.1-1
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
UBUNTU-CVE-2025-21613
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
CVE-2025-21613
CVE-2025-21613 affects the go-git library. Affected: go-git prior to 5.13.0. Issue: argument injection vulnerability allowing an attacker to set arbitrary values on git-upload-pack flags when using the file transport protocol (shelling out to git binaries). Impact: potential disclosure/integrity/...
PT-2025-1014
Name of the Vulnerable Software and Affected Versions go-git versions prior to v5.13 Description An argument injection vulnerability was discovered in go-git. The successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
CVE-2021-37124
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...
Path traversal
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...