27 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 1 views

Astra Linux - vulnerability in git

Git GUI allows you to use Git source control management tools through a graphical interface. When a user clones an untrusted repository and is tricked into editing a file located in a directory with a malicious name in the repository, Git GUI can create and overwrite files for which the user has...

CVSS 8.5, AI score 7.1, EPSS 0.00037
Exploits 0, References 2

Tenable Nessus
added 2026/05/14 12:0 a.m., 2 views

Unity Linux 20.1070a Security Update: git (UTSA-2026-021268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021268 advisory. Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in...

CVSS 8.5, AI score 7.3, EPSS 0.00037
Exploits 0, References 4

EUVD
added 2026/05/11 6:31 p.m., 2 views

EUVD-2026-29099

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading component. The framework uses torch.load to load model weight files e.g., llm.pt, flow.pt, hift.pt without enabling the security-restrictive...

AI score 6.1, EPSS 0.00017
Exploits 0, References 3

ATTACKERKB
added 2026/05/11 5:11 p.m., 4 views

CVE-2026-3048

An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections when interacting with a malicious LDAP server...

CVSS 5.1, AI score 5.8, EPSS 0.00059
Exploits 0, References 3, Affected Software 1

Github Security Blog
added 2025/11/25 6:32 p.m., 7 views

Duplicate Advisory: Keycloak LDAP User Federation provider enables admin-triggered untrusted Java deserialization

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4hx9-48xh-5mxr. This link is maintained to preserve external references. Original Description A flaw was found in the Keycloak LDAP User Federation provider. This vulnerability allows an authenticated realm...

CVSS 5.5, AI score 6.3, EPSS 0.00062
Exploits 0, References 11, Affected Software 1

Tenable Nessus
added 2025/08/28 12:0 a.m., 3 views

TencentOS Server 4: git (TSSA-2025:0605)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0605 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 8.5, AI score 8.1, EPSS 0.00037
Exploits 0, References 2

Tenable Nessus
added 2025/07/31 12:0 a.m., 4 views

Amazon Linux 2 : git (ALAS-2025-2941)

The version of git installed on the remote host is prior to 2.47.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2941 advisory. When a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be creat...

CVSS 8.6, AI score 8.1, EPSS 0.00603
Exploits 9, References 12

RedHat Linux
added 2025/07/23 2:25 p.m., 3 views

git: Git GUI can create and overwrite files for which the user has write permission

A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for which the running user has write permission. This flaw allows an attacker to modify th...

CVSS 8.5, AI score 5.8, EPSS 0.00037
Exploits 0, References 6

RedHat Linux
added 2025/07/22 12:3 p.m., 1 views

git: Git GUI can create and overwrite files for which the user has write permission

A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for which the running user has write permission. This flaw allows an attacker to modify th...

CVSS 8.5, AI score 5.8, EPSS 0.00037
Exploits 0, References 6

RedHat Linux
added 2025/07/21 2:51 p.m., 3 views

git: Git GUI can create and overwrite files for which the user has write permission

A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for which the running user has write permission. This flaw allows an attacker to modify th...

CVSS 8.5, AI score 5.8, EPSS 0.00037
Exploits 0, References 6

RedhatCVE
added 2025/07/12 3:24 p.m., 2 views

CVE-2025-46835

A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for which the running user has write permission. This flaw allows an attacker to modify th...

CVSS 8.5, AI score 6.1, EPSS 0.00037
Exploits 0, References 5

OSV
added 2025/07/10 3:15 p.m., 1 views

DEBIAN-CVE-2025-46835

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...

CVSS 8.5, AI score 7.6, EPSS 0.00037
Exploits 0, References 1

OSV
added 2025/07/10 3:15 p.m., 1 views

ALPINE-CVE-2025-46835

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...

CVSS 8.5, AI score 6.8, EPSS 0.00037
Exploits 0, References 1

SUSE CVE
added 2025/07/09 11:22 p.m., 1 views

SUSE CVE-2025-46835

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...

CVSS 5.5, AI score 6.8, EPSS 0.00037
Exploits 0, References 11

OSV
added 2025/07/08 5:0 p.m., 1 views

UBUNTU-CVE-2025-46835

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...

CVSS 8.5, AI score 7.3, EPSS 0.00037
Exploits 0, References 6

CNNVD
added 2025/07/08 12:0 a.m., 1 views

Git parameter injection vulnerability

Git is a free, open source distributed version control system open-sourced by Git. Git suffers from a parameter injection vulnerability that stems from the ability of the Git GUI to create and overwrite any writable file when a user clones an untrusted repository and is tricked into editing a fil...

CVSS 8.5, AI score 8.9, EPSS 0.00037
Exploits 0, References 5

CNNVD
added 2024/03/24 12:0 a.m., 1 views

WiX Toolset security vulnerability

WiX Toolset is an open source code library for . A security vulnerability exists in WiX Toolset that stems from a malicious directory connection that could cause WiX RemoveFoldersEx to delete elevated files...

CVSS 7.9, AI score 7.6, EPSS 0.00022
Exploits 0, References 4

Vulnrichment
added 2023/10/29 7:59 a.m., 18 views

CVE-2021-33638 Run copy with container in a malicious directory may cause container escaping

When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container...

CVSS 8.4, AI score 6.8, EPSS 0.00031
Exploits 0, References 3

SUSE CVE
added 2023/02/15 5:50 a.m., 2 views

SUSE CVE-2011-3630

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink...

CVSS 8.8, AI score 8.1, EPSS 0.03115
Exploits 1, References 2

CNNVD
added 2022/03/21 12:0 a.m., 1 views

Github PNPM code issue vulnerability

Github PNPM is fast, disk space saving package manager. A security vulnerability exists in PNPM v6.15.1 that stems from when a user executes a PNPM command in a directory that contains malicious content, which can cause an application to run in an unexpected manner...

CVSS 8.8, AI score 7.8, EPSS 0.00642
Exploits 1, References 4