163 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-7032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take...
git: Git arbitrary file writes
A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...
CVE-2025-23040 Maliciously crafted remote URLs could lead to credential leak in GitHub Desktop
GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
CVE-2024-48990 Exploit My full writeup for how I came to re-...
Exploit for Server-Side Request Forgery in Lobehub Lobe_Chat
CVE-2024-47066 ★ CVE-2024-47066 LobeChat SSRF PoC ★ Descr...
Improper Privilege Management
github.com/openshift/openshift-controller-manager is vulnerable to Improper Privilege Management. The vulnerability is due to misuse of elevated privileges during the build process, where the git-clone container is run with a privileged security context, allowing an attacker to provide a crafted...
OpenShift Controller Manager Improper Privilege Management
A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An...
Red Hat OpenShift Container Platform Security Vulnerability
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that help organizations develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShift...
CVE-2024-45496
CVE-2024-45496 is an OpenShift Controller Manager issue describing elevated privileges in the build process. The root cause is the git-clone container running with a privileged security context during build initialization, allowing a crafted .gitconfig to execute commands during cloning...
Exploit for Missing Authorization in Sonaar Mp3_Audio_Player_For_Music,_Radio_&_Podcast
CVE-2024-7856 ★ CVE-2024-7856 Arbitrary File deletion PoC ★...
Exploit for Heap-based Buffer Overflow in Microsoft
Firebeam CVE-2024-26229 plugin A small firebeam kaine's risc...
git: additional local RCE
A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
CVE-2024-32002: Exploiting Git RCE via git clone This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on...
Fedora 39 : composer (2024-bb55f8476a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bb55f8476a advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...
Fedora 40 : composer (2024-9ed24c98cd)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...
Exploit for OS Command Injection in Php
CVE-2024-4577 Vulnerability Checker This script is designed t...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
Remote Code Execution attack via git clone CVE-2024-32002 Contributors...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
CVE-2024-32002: Exploiting Git RCE via git clone This repos...
Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory
...
Exploit for Path Traversal in Aiohttp
CVE-2024-23334-PoC A proof of concept of the path traversal vu...