
10095 matches found

GithubExploit
added 2019/06/21 3:17 a.m. | 10 views

Exploit for Argument Injection in Git-Scm Git

PoC exploit for CVE-2018-17456, a vulnerability in the Apache Co...

9.8 CVSS | 7.7 AI score | 0.59226 EPSS
Exploits: 12
OSV
added 2019/06/21 1:7 a.m. | 4 views

MGASA-2019-0199 Updated git packages fix security vulnerability

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017 (CVE-2018-19486)...

9.8 CVSS | 9.5 AI score | 0.00528 EPSS
Exploits: 0 | References: 2
Mageia
added 2019/06/21 1:7 a.m. | 32 views

Updated git packages fix security vulnerability

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017 (CVE-2018-19486)...

9.8 CVSS | 2.1 AI score | 0.00528 EPSS
Exploits: 0 | References: 1
Node.js
added 2019/06/19 3:46 p.m. | 17 views

Command Injection

Overview: Versions of pullit prior to 1.4.0 are vulnerable to Command Injection. The package does not validate input on git branch names and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system. Recommendation: Upgrade to version 1.4.0 or later. References: -...

7.2 AI score
Exploits: 0 | Affected Software: 1
Kitploit
added 2019/06/16 1:0 p.m. | 242 views

Terminus - A Terminal For A More Modern Age

Terminus is a highly configurable terminal emulator for Windows, macOS and Linux. Theming and color schemes; fully configurable shortcuts; split panes; remembers your tabs; PowerShell and PS Core, WSL, Git-Bash, Cygwin, Cmder and CMD support; integrated SSH client and connection manager; full Unicode...

7.3 AI score
Exploits: 0 | References: 13
Kitploit
added 2019/06/01 9:49 p.m. | 292 views

Facebash - Facebook Brute Forcer In Shellscript Using TOR

Facebook Brute Forcer in shellscript using TOR. IG: @thelinuxchoice. Legal disclaimer: Usage of Facebash for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...

7.3 AI score
Exploits: 0 | References: 1
OSV
added 2019/05/31 3:29 p.m. | 21 views

CVE-2019-10330

Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...

7.5 CVSS | 6.7 AI score
Exploits: 0 | References: 3
NVD
added 2019/05/31 3:29 p.m. | 26 views

CVE-2019-10330

Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...

7.5 CVSS | 7.5 AI score | 0.00752 EPSS
Exploits: 0 | References: 3
Prion
added 2019/05/31 3:29 p.m. | 10 views

Code injection

Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...

5 CVSS | 7.5 AI score | 0.00752 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2019/05/31 2:20 p.m. | 37 views

CVE-2019-10330

Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted...

7.5 AI score | 0.00752 EPSS
Exploits: 0 | References: 3
Github Security Blog
added 2019/05/29 8:23 p.m. | 11 views

Duplicate Advisory: Command Injection in fs-git

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. Original Description: Affected versions of fs-git do not sanitize strings passed into the buildCommand method, resulting in arbitrary code...

5.8 AI score
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2019/05/29 8:23 p.m. | 0 views

GHSA-QR32-J4J6-3M7R Duplicate Advisory: Command Injection in fs-git

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-wp3j-gv53-4pg8. This link is maintained to preserve external references. Original Description: Affected versions of fs-git do not sanitize strings passed into the buildCommand method, resulting in arbitrary code...

5.9 AI score
Exploits: 0 | References: 4
ossfuzz
added 2019/05/29 8:14 a.m. | 10 views

hostap/ap-mgmt-fuzzer: Crash in copy_supp_rates

Project: git://w1.fi/srv/git/hostap.git Detailed report: https://oss-fuzz.com/testcase?key=5737950014341120 Project: hostap Fuzzer: libFuzzerhostapap-mgmt-fuzzer Fuzz target binary: ap-mgmt-fuzzer Job Type: libfuzzerubsanhostap Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

6.8 AI score
Exploits: 0 | Affected Software: 1
ossfuzz
added 2019/05/29 6:31 a.m. | 13 views

hostap/ap-mgmt-fuzzer: Crash in handle_auth

Project: git://w1.fi/srv/git/hostap.git Detailed report: https://oss-fuzz.com/testcase?key=5686935802085376 Project: hostap Fuzzer: libFuzzerhostapap-mgmt-fuzzer Fuzz target binary: ap-mgmt-fuzzer Job Type: libfuzzermsanhostap Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

6.8 AI score
Exploits: 0 | Affected Software: 1
Hacker One
added 2019/05/28 10:10 p.m. | 57 views

Uber: [Pre-Submission][H1-4420-2019] API access to Phabricator on code.uberinternal.com from leaked certificate in git repo

A username and certificate were found that allow API access to Phabricator on code.uberinternal.com. This API access could give away source code and the private Phabricator instance of Uber...

2.7 AI score
Exploits: 0
Kitploit
added 2019/05/26 12:52 p.m. | 247 views

CMSeeK v1.1.2 - CMS Detection And Exploitation Suite - Scan WordPress, Joomla, Drupal And Over 170 Other CMSs

What is a CMS? A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some notable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.1.2 19-05-2019 - Version 1.1.1...

7 AI score
Exploits: 0 | References: 3
Kitploit
added 2019/05/25 9:45 p.m. | 219 views

SSHD-Poison - A Tool To Get Creds Of Pam Based SSHD Authentication

sshd-poison is a tool to get creds of pam based sshd authentication, this is not the easiest way to do that you can create a pam module, or just add auth optional pamexec.so quiet exposeauthtok /bin/bash -c read,-r,x;echo,-e,"env\n$x"somefile in a service configuration, not even the stealthiest t...

7.4 AI score
Exploits: 0 | References: 1
ossfuzz
added 2019/05/24 5:11 p.m. | 13 views

hostap/wnm-fuzzer: Heap-buffer-overflow in WPA_GET_LE64

Project: git://w1.fi/srv/git/hostap.git Detailed report: https://oss-fuzz.com/testcase?key=5179747476176896 Project: hostap Fuzzer: aflhostapwnm-fuzzer Fuzz target binary: wnm-fuzzer Job Type: aflasanhostap Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x60700000045b...

6.8 AI score
Exploits: 0 | Affected Software: 1
0day.today
added 2019/05/23 12:0 a.m. | 211 views

Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execute Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...

6.5 CVSS | 0.8 AI score | 0.57295 EPSS
Exploits: 6
0day.today
added 2019/05/22 12:0 a.m. | 431 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation Exploit

This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently...

6.5 CVSS | 0.5 AI score | 0.57295 EPSS
Exploits: 6