CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10098 matches found

Tenable Nessus•added 2018/10/12 12:0 a.m.•33 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Git vulnerability (USN-3791-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3791-1 advisory. It was discovered that git did not properly validate git submodule urls or paths. A remote attacker could possibly use this to craft a git...

9.8CVSS7.8AI score0.59226EPSS

Exploits12References2

Slackware Linux•added 2018/10/11 12:35 a.m.•77 views

[slackware-security] git

New git packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/git-2.14.5-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Submodules' "URL"s come from the untrusted...

9.8CVSS0.1AI score0.59226EPSS

Exploits12

Tenable Nessus•added 2018/10/11 12:0 a.m.•33 views

Slackware 14.0 / 14.1 / 14.2 / current : git (SSA:2018-283-01)

New git packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-283-01. The text itself is copyright C Slackware Linux,...

9.8CVSS7.4AI score0.59226EPSS

Exploits12References2

OpenVAS•added 2018/10/11 12:0 a.m.•41 views

Fedora Update for git FEDORA-2018-1c1a318a0b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.59226EPSS

Exploits20References2

Fedora•added 2018/10/10 10:47 p.m.•38 views

[SECURITY] Fedora 28 Update: git-2.17.2-1.fc28

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages,...

9.8CVSS2.4AI score0.59226EPSS

Exploits20

0day.today•added 2018/10/09 12:0 a.m.•237 views

Git Submodule - Arbitrary Code Execution Vulnerability

Exploit for linux platform in category local exploits These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git...

9.1AI score0.59226EPSS

Exploits12

CNVD•added 2018/10/09 12:0 a.m.•3 views

Git Submodule Arbitrary Code Execution Vulnerability

Git is an open source distributed version control system A security vulnerability in the handling of the '-' character in the Git Submodule allows remote attackers to exploit the vulnerability by submitting a special request that can execute arbitrary code...

9.8CVSS7.7AI score0.59226EPSS

Exploits12References1

Tenable Nessus•added 2018/10/09 12:0 a.m.•38 views

Debian DSA-4311-1 : git - security update

joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules. C Tenable Network Security, Inc. The descriptive text an...

9.8CVSS7.1AI score0.59226EPSS

Exploits12References4

ArchLinux•added 2018/10/09 12:0 a.m.•32 views

[ASA-201810-7] git: arbitrary code execution

Arch Linux Security Advisory ASA-201810-7 ========================================= Severity: High Date : 2018-10-09 CVE-ID : CVE-2018-17456 Package : git Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-776 Summary ======= The package git before version...

9.8CVSS0.9AI score0.59226EPSS

Exploits12References6

Packet Storm•added 2018/10/08 12:0 a.m.•127 views

Git Submodule Arbitrary Code Execution

These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field an...

0.1AI score0.59226EPSS

Exploits12

OSV•added 2018/10/06 2:29 p.m.•5 views

ALPINE-CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS8.2AI score0.59226EPSS

Exploits12References1

OSV•added 2018/10/06 2:29 p.m.•24 views

CVE-2018-17456

9.8CVSS9.9AI score

Exploits0References18

Prion•added 2018/10/06 2:29 p.m.•31 views

Remote code execution

7.5CVSS9.6AI score0.59226EPSS

Exploits12References18Affected Software11

NVD•added 2018/10/06 2:29 p.m.•26 views

CVE-2018-17456

9.8CVSS9.8AI score0.59226EPSS

Exploits12References18

Debian CVE•added 2018/10/06 2:0 p.m.•29 views

CVE-2018-17456

9.8CVSS8.2AI score0.59226EPSS

Exploits12

CVE•added 2018/10/06 2:0 p.m.•639 views

CVE-2018-17456

CVE-2018-17456 is a remote code execution in Git triggered when processing a recursive clone of a superproject if a .gitmodules URL starts with a dash. Affected Git versions include 2.14.5 and later 2.15.x/2.16.x/2.17.x/2.18.x/2.19.x before the fixed releases listed (e.g., 2.14.5 and subsequent u...

9.8CVSS9.3AI score0.59226EPSS

Exploits12References18Affected Software1