Lucene search
+L

513 matches found

CVE
CVE
added 2021/01/15 5:36 p.m.117 views

CVE-2021-21237

Summary (CVE-2021-21237): Git LFS on Windows is vulnerable to remote code execution when operating on a malicious repository that contains a git.bat or git.exe in the current directory. The Go runtime on Windows includes the current directory for command names without a directory separator, causi...

7.8CVSS8.5AI score0.00436EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/01/15 5:36 p.m.30 views

CVE-2021-21237

Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program would be executed, permitting the attacker to execute arbitrary code. This does not affect Unix...

7.8CVSS9AI score0.00436EPSS
Exploits0
Atlassian
Atlassian
added 2021/01/07 5:7 p.m.52 views

RCE via git-lfs in Sourcetree for Windows - CVE-2020-27955

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system...

10CVSS5.3AI score0.82715EPSS
Exploits14Affected Software1
Atlassian
Atlassian
added 2021/01/07 5:7 p.m.44 views

RCE via git-lfs in Sourcetree for Windows - CVE-2020-27955

There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system...

10CVSS5.3AI score0.82715EPSS
Exploits14
Check Point Advisories
Check Point Advisories
added 2020/11/28 12:0 a.m.8 views

Git LFS Remote Code Execution (CVE-2020-27955)

A remote code execution vulnerability exists in Git LFS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.8AI score0.82715EPSS
Exploits14
Packet Storm
Packet Storm
added 2020/11/06 12:0 a.m.390 views

git-lfs Remote Code Execution

/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...

8.4AI score0.82715EPSS
Exploits14
NVD
NVD
added 2020/11/05 3:15 p.m.26 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

10CVSS8.4AI score0.82715EPSS
Exploits14References7
OSV
OSV
added 2020/11/05 3:15 p.m.19 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

9.8CVSS7AI score0.82715EPSS
Exploits14References7
UbuntuCve
UbuntuCve
added 2020/11/05 3:15 p.m.60 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

10CVSS7.2AI score0.82715EPSS
Exploits14References4
Prion
Prion
added 2020/11/05 3:15 p.m.25 views

Remote code execution

Git LFS 2.12.0 allows Remote Code Execution...

10CVSS8.6AI score0.82715EPSS
Exploits14References7Affected Software1
AlpineLinux
AlpineLinux
added 2020/11/05 2:57 p.m.53 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

10CVSS8.9AI score0.82715EPSS
Exploits14
Debian CVE
Debian CVE
added 2020/11/05 2:57 p.m.32 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

10CVSS8.7AI score0.82715EPSS
Exploits14
Cvelist
Cvelist
added 2020/11/05 2:57 p.m.18 views

CVE-2020-27955

Git LFS 2.12.0 allows Remote Code Execution...

8.3AI score0.82715EPSS
Exploits14References7
Positive Technologies
Positive Technologies
added 2020/11/05 12:0 a.m.3 views

PT-2020-16878 · Github · Git +1

Name of the Vulnerable Software and Affected Versions: Git LFS versions 2.12.0 Git versions prior to 2.29.2 Description: The issue allows Remote Code Execution RCE on Windows systems when Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory. This occu...

10CVSS8.9AI score0.82715EPSS
Exploits14References40
AlmaLinux
AlmaLinux
added 2020/11/03 12:39 p.m.19 views

git-lfs bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0
Rockylinux
Rockylinux
added 2020/11/03 12:39 p.m.18 views

git-lfs bug fix and enhancement update

An update is available for git-lfs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

2.1AI score
Exploits0
OSV
OSV
added 2020/11/03 12:39 p.m.7 views

ALEA-2020:4829 git-lfs bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2020/08/08 12:30 p.m.34 views

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2018/12/13 12:0 a.m.29 views

Gitlab -- Arbitrary File read in GitLab project import with Git LFS

Gitlab reports: Arbitrary File read in GitLab project import with Git LFS...

7.5CVSS2AI score0.02206EPSS
Exploits1References1
Veracode
Veracode
added 2017/12/22 2:56 a.m.32 views

Remote Command Execution (RCE)

github.com/git-lfs/git-lfs is vulnerable to remote code execution RCE attacks. The application does not sanitize ssh:// URLs passed to it, allowing a malicious user to execute arbitrary commands...

8.8CVSS9.2AI score0.03677EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder