Lucene search
K

560 matches found

OSV
OSV
added 2021/03/09 8:15 p.m.2 views

DEBIAN-CVE-2021-21300

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...

7.5CVSS7.4AI score0.88644EPSS
Exploits5References1
OSV
OSV
added 2021/03/09 8:15 p.m.3 views

ALPINE-CVE-2021-21300

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...

7.5CVSS6.9AI score0.88644EPSS
Exploits5References1
OSV
OSV
added 2021/03/09 6:44 p.m.6 views

SUSE-SU-2021:0757-1 Security update for git

This update for git fixes the following issues: - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone. bsc1183026, CVE-2021-21300...

8CVSS8AI score0.88644EPSS
Exploits5References3
Ubuntu
Ubuntu
added 2021/03/09 6:25 p.m.132 views

USN-4761-1: Git vulnerability

Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code...

8CVSS8.4AI score0.88644EPSS
Exploits5
OSV
OSV
added 2021/03/09 6:25 p.m.2 views

USN-4761-1 git vulnerability

Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems. A remote attacker could possibly use this issue to execute arbitrary code...

8CVSS7.4AI score0.88644EPSS
Exploits5References2
OSV
OSV
added 2021/03/09 6:22 p.m.8 views

SUSE-SU-2021:0756-1 Security update for git

This update for git fixes the following issues: - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone. bsc1183026, CVE-2021-21300...

8CVSS8AI score0.88644EPSS
Exploits5References3
OSV
OSV
added 2021/03/09 6:0 p.m.9 views

UBUNTU-CVE-2021-21300

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...

8CVSS7AI score0.88644EPSS
Exploits5References3
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.2 views

Git 后置链接漏洞

Git is a free, open source distributed version control system. Git suffers from a back-linking vulnerability that allows an attacker to clone to a case-insensitive filesystem using a specially crafted repository that leads to the execution of just-checked scripts...

8CVSS8.1AI score0.88644EPSS
Exploits5References30
Veracode
Veracode
added 2020/10/29 9:51 p.m.24 views

Authentication Bypass

gosa is vulnerable to authentication bypass. An attacker is able to authenticate as any user using a username containing the case-insensitive substring success with an arbitrary password...

9.8CVSS3.9AI score0.01749EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.7 views

In the GNU C Library (aka glibc or libc6) through 2.29 proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

...

9.8CVSS6.9AI score0.04731EPSS
Exploits1
OSV
OSV
added 2020/04/22 8:59 p.m.25 views

GHSA-24M3-W8G9-JWPQ Information disclosure of source code in SimpleSAMLphp

Background The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. Description The che...

3CVSS3.9AI score0.00922EPSS
Exploits0References6
NVD
NVD
added 2020/04/21 8:15 p.m.35 views

CVE-2020-5301

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...

3.5CVSS3.7AI score0.00922EPSS
Exploits0References2
OSV
OSV
added 2020/04/21 8:15 p.m.15 views

CVE-2020-5301

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...

3.1CVSS3.8AI score
Exploits0References2
Prion
Prion
added 2020/04/21 8:15 p.m.18 views

Information disclosure

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...

3.5CVSS3.9AI score0.00922EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/04/21 8:15 p.m.32 views

CVE-2020-5301

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...

3.5CVSS5.9AI score0.00922EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/21 7:50 p.m.38 views

CVE-2020-5301 Information disclosure of source code in SimpleSAMLphp

SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...

3CVSS3.6AI score0.00922EPSS
Exploits0References2
Kitploit
Kitploit
added 2020/04/21 12:30 p.m.30 views

Httpgrep - Scans HTTP Servers To Find Given Strings In URIs

A python tool which scans for HTTP servers and finds given strings in URIs. Usage $ httpgrep -H --== httpgrep by nullsecurity.net ==-- usage httpgrep -h -s opts | opts -h - single host or host-range/cidr-range or file containing hosts, e.g.: foobar.net, 192.168.0.1-192.168.0.254, 192.168.0.0/24,...

7.2AI score
Exploits0References1
Prion
Prion
added 2020/02/12 2:15 a.m.26 views

Command injection

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

7.5CVSS7.6AI score0.63178EPSS
Exploits5References9Affected Software6
PyPA
PyPA
added 2020/02/12 2:15 a.m.7 views

PYSEC-2020-217

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

9.8CVSS7.4AI score0.63178EPSS
Exploits5References10Affected Software1
OSV
OSV
added 2019/12/19 1:2 a.m.9 views

USN-4224-1 python-django vulnerability

Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts...

9.8CVSS6.7AI score0.3481EPSS
Exploits7References2
Rows per page
Query Builder