Lucene search
K

15 matches found

CVE
CVE
added 2026/06/22 4:10 p.m.171 views

CVE-2026-53571

CVE-2026-53571 affects the Vite dev server. On Windows, the denial mechanism implemented by the option server.fs.deny fails to normalize NTFS ADS path forms before access checks, allowing bypasses such as /.env::$DATA?raw and access via 8.3 short-name tricks. This can enable exposure of sensitive...

8.2CVSS5.9AI score0.00393EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2025/10/21 7:17 p.m.23 views

JLSEC-2025-182 An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS8.2AI score0.0511EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4591

Malware in sbrugna...

9.8CVSS9.2AI score0.0511EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 8 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

9.8CVSS8.3AI score0.24014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.38 views

CentOS 8 : git (CESA-2019:4356)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:4356 advisory. - git: Arbitrary path overwriting via export-marks in-stream command feature CVE-2019-1348 - git: Recursive submodule cloning allows using git director...

9.3CVSS7.6AI score0.34007EPSS
Exploits0References5
Securelist
Securelist
added 2020/07/14 10:0 a.m.55 views

The Tetrade: Brazilian banking malware goes global

Introduction Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the worlds busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their cyberattacks have a stron...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/04/29 2:10 p.m.39 views

CVE-2020-12278

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS3.5AI score0.24014EPSS
Exploits0References3
Prion
Prion
added 2020/04/27 5:15 p.m.23 views

Remote code execution

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

7.5CVSS8.6AI score0.24014EPSS
Exploits0References7Affected Software2
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.951 views

Microsoft Windows 10 - Theme API 'ThemePack' File Parsing

Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10 v.1803 17134.407 Tested on: Windows 7, 8.0, 8.1, 10, Serve...

9.3CVSS7.6AI score0.46406EPSS
Exploits3
exploitpack
exploitpack
added 2020/01/29 12:0 a.m.89 views

Microsoft Windows 10 - Theme API ThemePack File Parsing

Microsoft Windows 10 - Theme API ThemePack File Parsing Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10...

9.3CVSS0.1AI score0.59885EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.69 views

Oracle Linux 8 : git (ELSA-2019-4356)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4356 advisory. - Remote code execution in recursive clones with nested submodules Resolves: CVE-2019-1387 Tenable has extracted the preceding description block direct...

9.3CVSS7.7AI score0.34007EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/12/13 12:0 a.m.160 views

Amazon Linux AMI : git (ALAS-2019-1325)

The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. ...

9.8CVSS7.1AI score0.34007EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2015/03/25 12:0 a.m.14 views

IT-Grundschutz M4.332: Sichere Konfiguration der Zugriffssteuerung bei einem Samba-Server

IT-Grundschutz M4.332: Sichere Konfiguration der Zugriffssteuerung bei einem Samba-Server Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4332.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.332 Authors: Thomas Rotter Copyright: Copyright c 20...

0.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/05/12 12:0 a.m.9 views

Check if NTFS Access Control Lists and NTFS Alternate Data Streams supported

Check if NTFS Access Control Lists and NTFS Alternate Data Streams supported. OpenVAS Vulnerability Test $Id: GSHBSSHSAMBAntfsACLADS.nasl 7152 2017-09-15 14:36:54Z cfischer $ Check if NTFS Access Control Lists and NTFS Alternate Data Streams supported Authors: Thomas Rotter Copyright: Copyright c...

Exploits0
NVD
NVD
added 2006/03/29 1:6 a.m.16 views

CVE-2006-1475

Windows Firewall in Microsoft Windows XP SP2 does not produce application alerts when an application is executed using the NTFS Alternate Data Streams ADS filename:stream syntax, which might allow local users to launch a Trojan horse attack in which the victim does not obtain the alert that Windo...

2.1CVSS6.2AI score0.0168EPSS
Exploits0References3
Rows per page
Query Builder