75 matches found
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46835 Git GUI can create and overwrite files for which the user has write permission
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46835
Git GUI is vulnerable to arbitrary file creation/overwrites when a user clones an untrusted repository and is tricked into editing a file under a maliciously named directory; this can affect files the user can write. The issue is fixed in Git GUI versions 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2...
CVE-2025-46334 Git GUI malicious command injection on Windows
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
CVE-2025-46334
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
CVE-2025-46334
Git GUI on Windows is affected by CVE-2025-46334. A malicious repository can ship a harmful sh.exe or textconv filter (e.g., astextplain) due to Tcl’s Windows search path including the current directory, causing these programs to run when a user selects Git Bash or Browse Files. This is a local v...
SUSE CVE-2025-46334
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
SUSE CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
USN-7626-2: Git regression
USN-7626-1 fixed vulnerabilities in Git. The update introduced a regression in gitk and git-gui. This update reverts the corresponding fixes for CVE-2025-27613 and CVE-2025-46835 pending further investigation. We apologize for the inconvenience. Original advisory details: Avi Halachmi discovered...
GitHub: CVE-2025-46835 Git File Overwrite Vulnerability
CVE-2025-46835 is a vulnerability in Git GUI: when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, Git GUI can create and overwrite any writable file. GitHub created this CVE on their behalf...
GitHub: CVE-2025-46334 Git Malicious Shell Vulnerability
CVE-2025-46334 is a vulnerability in Git GUI (Windows only) where a malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects...
PT-2025-29104 · Git Gui · Git Gui
Name of the Vulnerable Software and Affected Versions: Git GUI versions prior to 2.43.7; Git GUI versions 2.43.7 through 2.44.4; Git GUI versions 2.44.4 through 2.45.4; Git GUI versions 2.45.4 through 2.46.4; Git GUI versions 2.46.4 through 2.47.3; Git GUI versions 2.47.3 through 2.48.2; Git GUI versio...
CVE-2022-41953
Git GUI is a convenient graphical tool that comes with Git for Windows. Its target audience is users who are uncomfortable with using Git on the command-line. Git GUI has a function to clone repositories. Immediately after the local clone is available, Git GUI will automatically post-process it,...
PT-2025-28866
Name of the Vulnerable Software and Affected Versions: git in Debian Linux (affected versions not specified). Description: A flaw exists in Git GUI that allows for the creation and overwriting of arbitrary writable files. This occurs when a user clones an untrusted repository and is subsequently...
EulerOS 2.0 SP11 : git (EulerOS-SA-2023-1779)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined b...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-1757)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP11 : git (EulerOS-SA-2023-1757)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined b...