52 matches found
CVE-2025-67427
The CVE-2025-67427 issue affects EverShop prior to 2.1.1, where an insufficient validation of the src query parameter in the GET /images API allows unauthenticated SSRF to trigger arbitrary HTTP/HTTPS requests to internal or external networks. The root cause is improper validation of the target U...
CVE-2021-27856
creationtimestamp| type| source ---|---|--- 2025-10-05 10:02:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-27856.yaml...
The MPlayer Project MPlayer Lite 安全漏洞
The MPlayer Project MPlayer Lite is a multimedia player from The MPlayer Project, Inc. A security vulnerability exists in The MPlayer Project MPlayer Lite version r33064, which stems from improper boundary checking when handling M3U playlist files containing long http URL entries, which could lea...
CVE-2025-48938 Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...
RLSA-2025:0673 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...
RHEL 8 : git-lfs (RHSA-2025:0845)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0845 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...
RHEL 8 : git-lfs (RHSA-2025:0825)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0825 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
ALSA-2025:0845 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : git-lfs (RHSA-2025:0757)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0757 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
RHEL 9 : git-lfs (RHSA-2025:0759)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0759 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2025:0673 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...
RHEL 9 : git-lfs (RHSA-2025:0673)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:0673 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
Git LFS permits exfiltration of credentials via crafted HTTP URLs
Impact When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host...
CVE-2024-53263
Git LFS (Git Large File Storage) is affected by CVE-2024-53263. The vulnerability arises when Git LFS requests credentials from Git for a remote host and passes portions of the host URL to git-credential(1) without sanitizing embedded line-ending control characters. An attacker could insert URL-e...