9840 matches found
CVE-2013-0264
CVE-2013-0264 affects Cumin. The issue is an import error introduced during code refactoring (r5310) that causes server certificate validation to be always disabled when connecting to Aviary servers, even if the system packages support it. This creates a potential integrity risk (partial) and, pe...
CVE-2014-4535
Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...
Cross site scripting
Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...
CVE-2014-4535
CVE-2014-4535 is a cross-site scripting vulnerability in WordPress Import Legacy Media plugin (versions = 0.1 (or patch) as indicated by the sources. If exploitation details are not provided in a given document, they are not assumed here.”}
The vulnerability of the DataImportHandler module of the Apache Solr search server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the DataImportHandler module of the Apache Solr search server lies in its error handling for the “dataConfig” request. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
git: Arbitrary path overwriting via export-marks in-stream command feature
A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...
[ASA-201912-6] git: arbitrary code execution
Arch Linux Security Advisory ASA-201912-6 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 CVE-2019-19604 Package : git Type : arbitrary code execution Remote : Yes Link :...
[ASA-201912-5] libgit2: arbitrary code execution
Arch Linux Security Advisory ASA-201912-5 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 Package : libgit2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1075 Summa...
Updated git packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could...
Mail.ru: Blind SSRF на calendar.mail.ru при импорте календаря
Blind SSRF in calendar.mail.ru via calendar import functionality...
Amazon Linux AMI : git (ALAS-2019-1325)
The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. ...
CVE-2019-13932
A vulnerability has been identified in XHQ All versions V6.0.0.2. The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack cou...
CVE-2019-13932
A vulnerability has been identified in XHQ All versions V6.0.0.2. The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack cou...
CVE-2019-13932
A vulnerability has been identified in XHQ All versions V6.0.0.2. The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack cou...
Security Bulletin: Unvalidated certificate import in IBM Business Automation Workflow (CVE-2019-4711)
Summary APAR JR61324 is available for IBM Business Automation Workflow BAW 19.0.0.2. It introduces a new API to register BAW at Resource Registry to support integrating processes in App Designer in Cloud Pak for Automation. During the registration process a TLS certifcate is imported without...
Debian DSA-4581-1 : git - security update
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. - CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. ...
CVE-2019-1348
A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...
UBUNTU-CVE-2019-1348
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...
CVE-2019-1348
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...
Important: git
Issue Overview: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git...