Lucene search
10064 matches found

NVD · added 2018/08/17 1:29 p.m. · 11 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

CVSS 10, AI score 9.8, EPSS 0.08866
Exploits 1, References 1

Prion · added 2018/08/17 1:29 p.m. · 11 views

Command injection

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

CVSS 10, AI score 9.8, EPSS 0.08866
Exploits 1, References 1, Affected Software 1

OSV · added 2018/08/17 1:29 p.m. · 13 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

CVSS 9.8, AI score 7.5
Exploits 0, References 1

Cvelist · added 2018/08/17 1:0 p.m. · 13 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

AI score 9.9, EPSS 0.08866
Exploits 1, References 1

CVE · added 2018/08/17 1:0 p.m. · 44 views

CVE-2018-3785

CVE-2018-3785 affects git-dummy-commit v1.3.0, where an unescaped parameter allows command injection to execute OS commands. Several sources confirm the issue is a command-injection in the msg/filename handling, enabling remote or local command execution depending on context. Impact is high (OS-l...

CVSS 10, AI score 9.7, EPSS 0.08866
Exploits 1, References 1, Affected Software 1

Tenable Nessus · added 2018/08/17 12:0 a.m. · 57 views

Photon OS 1.0: Binutils / C / Dnsmasq / Git / Gnutls / Krb5 / Linux / Mercurial / Mesos / Nginx PHSA-2017-0038 (deprecated)

An update of gnutls, c-ares, nginx, mercurial, linux, mesos, git, binutils, krb5, dnsmasq packages for PhotonOS has been released. File data PhotonOSPHSA-2017-0038.nasl...

CVSS 10, AI score 7.3, EPSS 0.91909
Exploits 9, References 18

Positive Technologies · added 2018/08/17 12:0 a.m. · 2 views

PT-2018-16202 · Unknown · Git-Dummy-Commit

Name of the Vulnerable Software and Affected Versions: git-dummy-commit version 1.3.0 Description: A command injection issue allows OS level commands to be executed due to an unescaped parameter. Recommendations: For git-dummy-commit version 1.3.0, consider restricting the use of the vulnerable...

CVSS 10, AI score 9.8, EPSS 0.08866
Exploits 1, References 5

Github Security Blog · added 2018/08/15 8:4 p.m. · 22 views

Git-fastclone passes user modifiable strings directly to a shell command

git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to cd and git clone commands in the library...

CVSS 10, AI score 9.1, EPSS 0.02489
Exploits 1, References 6, Affected Software 1

OSV · added 2018/08/15 8:4 p.m. · 17 views

GHSA-MF6W-45CF-QHMP Git-fastclone passes user modifiable strings directly to a shell command

git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to cd and git clone commands in the library...

CVSS 9.8, AI score 9.6, EPSS 0.02489
Exploits 1, References 6

OSV · added 2018/08/15 8:3 p.m. · 20 views

GHSA-8GG6-3R63-25M8 git-fastclone permits arbitrary shell command execution from .gitmodules

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an unencrypted git clone...

CVSS 8.8, AI score 8.7, EPSS 0.02844
Exploits 1, References 6

Github Security Blog · added 2018/08/15 8:3 p.m. · 31 views

git-fastclone permits arbitrary shell command execution from .gitmodules

git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a client to run an arbitrary shell command. Alternately, if an attacker can MITM an unencrypted git clone...

CVSS 9.3, AI score 8.4, EPSS 0.02844
Exploits 1, References 6, Affected Software 1

Tenable Nessus · added 2018/08/15 12:0 a.m. · 28 views

openSUSE Security Update : cgit (openSUSE-2018-864)

This update for cgit to version 1.2.1 fixes the following issues : The following security vulnerability was addressed : - CVE-2018-14912: Fixed a directory traversal vulnerability, when enable-http-clone=1 is not turned off boo1103799 The following other changes were made : - Update to upstream...

CVSS 7.5, AI score 7.1, EPSS 0.91123
Exploits 7, References 2

Fedora · added 2018/08/14 9:13 p.m. · 13 views

[SECURITY] Fedora 28 Update: cgit-1.1-11.fc28

Cgit is a fast web interface for git. It uses caching to increase performance...

AI score 1.6
Exploits 0

Fedora · added 2018/08/14 8:22 p.m. · 17 views

[SECURITY] Fedora 27 Update: cgit-1.1-11.fc27

Cgit is a fast web interface for git. It uses caching to increase performance...

AI score 1.6
Exploits 0

0day.today · added 2018/08/14 12:0 a.m. · 42 views

cgit 1.2.1 - Directory Traversal Exploit

Exploit for linux platform in category local exploits Title: cgit 1.2.1 - Directory Traversal Metasploit Author: Dhiraj Mishra Software: cgit Link: https://git.zx2c4.com/cgit/ CVE: CVE-2018-14912 This module exploits a directory traversal vulnerability which exists in cgit 'cgit Directory...

AI score 0.1, EPSS 0.91123
Exploits 7

Kitploit · added 2018/08/13 8:40 p.m. · 25 views

CMSeeK v1.0.7 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 50 Other CMSs)

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some notable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.7 07-08-2018 - Version 1.0.6...

AI score 7.1
Exploits 0, References 4

OPENSUSE Linux · added 2018/08/13 6:9 p.m. · 80 views

Security update for cgit (moderate)

This update for cgit to version 1.2.1 fixes the following issues: The following security vulnerability was addressed: - CVE-2018-14912: Fixed a directory traversal vulnerability, when enable-http-clone=1 is not turned off boo1103799 The following other changes were made: - Update to upstream...

AI score 1.9, EPSS 0.91123
Exploits 7, References 1

Kitploit · added 2018/08/13 12:37 p.m. · 28 views

RouterSploit v3.3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

AI score 7.6
Exploits 0, References 1

Fedora · added 2018/08/09 5:42 p.m. · 37 views

[SECURITY] Fedora 28 Update: libgit2-0.26.6-1.fc28

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

CVSS 8.1, AI score 2.4, EPSS 0.4172
Exploits 10

OpenVAS · added 2018/08/09 12:0 a.m. · 18 views

Debian: Security Advisory (DLA-1459-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.5, EPSS 0.91123
Exploits 7, References 2