10096 matches found
DEBIAN-CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
Command injection
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
CVE-2019-13139
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git...
Microsoft Visual Studio Privilege Mobilization Vulnerability (CNVD-2019-40538)
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A privilege extraction vulnerability exists in Microsoft Git for Visual Studio, which stems from the...
Truegaze - Static Analysis Tool For Android/iOS Apps Focusing On Security Issues Outside The Source Code
A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third party libraries and configuration files. Requirements Python 3 is required and you can find all required modules in the requirements.txt file. Only tested on...
CVE-2019-1211
An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would ne...
CVE-2019-1211
An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would ne...
Privilege escalation
An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'...
CVE-2019-1211 Git for Visual Studio Elevation of Privilege Vulnerability
...
CVE-2019-1211
CVE-2019-1211 is an elevation of privilege vulnerability in Git for Visual Studio stemming from improper parsing of Git configuration files. The authenticated attacker could modify configuration files before full installation and then convince another user to run specific Git commands, executing ...
Git for Visual Studio Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would ne...
PT-2019-2991 · Microsoft · Visual Studio +1
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Git for Visual Studio affected versions not specified Description: The issue is related to errors in privilege management in the Git component of Microsoft Visual Studio. It allows an...
Microsoft Git for Visual Studio CVE-2019-1211 Local Privilege Escalation Vulnerability
Description Microsoft Git for Visual Studio is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2017 Microsoft Visual Studio 2019 16.0 Microsof...
Libgit2 -- multiple vulnerabilities
The Git community reports: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations...
NewStart CGSL MAIN 4.05 : git Vulnerability (NS-SA-2019-0120)
The remote NewStart CGSL host, running version MAIN 4.05, has git packages installed that are affected by a vulnerability: - A shell command injection flaw related to the handling of ssh URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges...
NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2019-0047)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by a vulnerability: - An option injection flaw has been discovered in git when it recursively clones a repository with sub-modules. A remote attacker may configure a malicious...