Critical Photon OS Security Update - PHSA-2019-0255

Updates of 'file', 'git', 'python3', 'libndp', 'curl', 'haproxy', 'libpcap', 'linux', 'tcpdump', 'binutils', 'e2fsprogs', 'linux-esx', 'python2', 'polkit' packages of Photon OS have been released...

EulerOS 2.0 SP5 : git (EulerOS-SA-2019-2153)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal...

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

Design/Logic Flaw

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

CVE-2013-1425

CVE-2013-1425 affects ldap-git-backup; vulnerable versions are prior to 1.0.4. The root cause is incorrect directory permissions that allow exposure of password hashes. Impact stated is partial confidentiality loss (password hashes exposed). No exploitation details or active exploit status are pr...

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions...

atomic-openshift: OpenShift builds don't verify SSH Host Keys for the git repository

It was found that OpenShift Container Platform does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.9 atomic-openshift security update

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Github-Dorks - Collection Of Github Dorks And Helper Tool To Automate The Process Of Checking Dorks

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to ...

Node.js third-party modules: [npm-git-publish] RCE via insecure command formatting

I would like to report a RCE issue in the npm-git-publish module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: npm-git-publish version: 0.2.4-beta npm page: https://www.npmjs.com/package/npm-git-publish Module Description Share/publish private packag...

Fedora 29 : mingw-libidn2 (2019-a8d35fcf7c)

Libidn 2.2.0 released 2019-05-23 ================================== - Perform A-Label roundtrip for lookup functions by default - Stricter check of input to punycode decoder - Fix punycode decoding with no ASCII chars but given delimiter - Fix idn2 --no-tr64 was a no-op - Allow as a basic code...

Node.js third-party modules: [git-promise] RCE via insecure command formatting

I would like to report a RCE issue in the git-promise module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: git-promise version: 0.3.1 npm page: https://www.npmjs.com/package/git-promise Module Description Simple wrapper that allows you to run any git...

Node.js third-party modules: [meta-git] RCE via insecure command formatting

I would like to report a RCE issue in the meta-git module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: meta-git version: 1.1.2 npm page: https://www.npmjs.com/package/meta-git Module Description git plugin for meta Module Stats 60 downloads in the...

Code Injection in mateodelnorte/meta-git

Description The meta-git module is vulnerable against command injection since the user-supplied inputs are concatenated with a command which is executed without validation. POC 1. Create a new directory and insert some test files: bash mkdir tests cd tests touch test touch secret touch files 2...

Critical Photon OS Security Update - PHSA-2019-0185

Updates of 'git' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0185

An update of 'git' packages of Photon OS has been released...

About the security content of Xcode 11.2

About the security content of Xcode 11.2 This document describes the security content of Xcode 11.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...