Lucene search
+L

31 matches found

CNNVD
CNNVD
added 2025/09/09 12:0 a.m.7 views

interactive-git-checkout 命令注入漏洞

interactive-git-checkout is a branch switching software by the individual developer Nino Filiu. A command injection vulnerability exists in interactive-git-checkout 1.1.4 and earlier versions, which stems from a failure to validate input or clean up branch names, which could lead to a command...

9.8CVSS7AI score0.01176EPSS
Exploits0References3
Huntr
Huntr
added 2021/05/12 2:13 p.m.9 views

OS Command Injection in falconchristmas/fpp

✍️ Description Hi, in https://github.com/FalconChristmas/fpp/blob/721c99aed6897792bf7f79fa02a280995e27d409/www/gitCheckoutVersion.phpL38 : php A system function is called with a user input, a malicious user could profit from it if the version variable contains a command 🕵️‍♂️ Proof of Concept...

2.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/10/16 9:7 a.m.6 views

docker: command injection due to a missing validation of the git ref command

A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute code with the...

8.4CVSS7.6AI score0.02025EPSS
Exploits1References4
Veracode
Veracode
added 2018/06/18 10:55 a.m.12 views

Remote Code Execution (RCE)

funcster is vulnerable to remote code execution RCE attacks. The application uses the unsafe shell execution API commands, allowing a malicious user to inject and execute arbitrary code through the git checkout command...

8.2AI score
Exploits0
Veracode
Veracode
added 2018/06/18 8:52 a.m.9 views

Remote Code Execution (RCE)

pullit is vulnerable to remote code execution RCE attacks. The application uses the unsafe shell execution API commands, allowing a malicious user to inject and execute arbitrary code through the git checkout command...

8.2AI score
Exploits0
OSV
OSV
added 2017/10/05 9:29 p.m.7 views

UBUNTU-CVE-2017-15041

Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git...

9.8CVSS7AI score0.08944EPSS
Exploits0References5
NVD
NVD
added 2014/07/22 2:55 p.m.18 views

CVE-2014-5023

Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkout -b" command...

6.8CVSS7.6AI score0.03358EPSS
Exploits1References1
NVD
NVD
added 2006/01/31 11:3 a.m.20 views

CVE-2006-0477

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.5CVSS7.9AI score0.03182EPSS
Exploits0References5
Prion
Prion
added 2006/01/31 11:3 a.m.13 views

Buffer overflow

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.5CVSS8.5AI score0.03182EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/01/31 11:0 a.m.50 views

CVE-2006-0477

CVE-2006-0477 describes a buffer overflow in Git’s git-checkout-index, affecting Git versions prior to 1.1.5. An attacker could cause remote arbitrary code execution by providing an index file containing a long symbolic link. The vulnerability is triggered during index handling by git-checkout-in...

7.5CVSS7.9AI score0.03182EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/01/31 11:0 a.m.27 views

CVE-2006-0477

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.9AI score0.03182EPSS
Exploits0References5
Rows per page
Query Builder