Lucene search
K

66 matches found

BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.5 views

The vulnerabilities of the Transfer-Encoding and Content-Length headers in the Netty network programming framework, related to deficiencies in HTTP request interpretation, allow attackers to compromise data integrity.

The vulnerability of the Transfer-Encoding and Content-Length headers in the Netty network programming framework is related to a lack of proper interpretation of HTTP requests. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

7.5CVSS6.9AI score0.03617EPSS
Exploits1References11Affected Software6
Tenable Nessus
Tenable Nessus
added 2021/12/31 12:0 a.m.22 views

EulerOS 2.0 SP5 : git (EulerOS-SA-2021-2929)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...

7.5CVSS8AI score0.03074EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/12/26 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-2801)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03074EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/12/25 12:0 a.m.30 views

EulerOS 2.0 SP8 : git (EulerOS-SA-2021-2801)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...

7.5CVSS8AI score0.03074EPSS
Exploits1References2
Veracode
Veracode
added 2021/12/22 5:36 a.m.9 views

XML External Entity (XXE)

rhino is vulnerable to xml external entity attack. The vulnerability exists due to a lack of sanitization of DOCTYPE and ENTITY declarations to the XML to trick the Java parsers into making protocol requests when parsing XML document...

4.2AI score
Exploits0
OSV
OSV
added 2021/10/20 2:17 p.m.7 views

SUSE-SU-2021:3484-1 Security update for git

This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...

7.5CVSS7.6AI score0.03074EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/10/20 2:0 p.m.28 views

redis: Denial of service via Redis Standard Protocol (RESP) request

A flaw was found in redis. When parsing an incoming Redis Standard Protocol RESP request, redis allocates memory according to user-specified values, which determine the number of elements in the multi-bulk header and size of each element in the bulk header. This flaw allows an unauthenticated,...

7.5CVSS7.3AI score0.1578EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.7 views

The vulnerability of the Redis database management system server, which allows a hacker to cause a service failure

The vulnerability of the Redis database management system is related to errors in processing RESP requests. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS6.4AI score0.1578EPSS
Exploits0References8Affected Software3
Tenable Nessus
Tenable Nessus
added 2021/10/12 12:0 a.m.27 views

openSUSE 15 Security Update : git (openSUSE-SU-2021:1345-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1345-1 advisory. - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...

7.5CVSS8AI score0.03074EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/10/12 12:0 a.m.12 views

openSUSE: Security Advisory for git (openSUSE-SU-2021:1345-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.03074EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.11 views

Aruba Instant 缓冲区错误漏洞

Aruba Instant is a wireless network. Aruba Instant provides the only Wi-Fi solution that is easy to set up.A buffer overflow vulnerability exists in Aruba Instant, which stems from a boundary error when processing PAPI requests sent to port 8211/UDP. A remote attacker could exploit this...

10CVSS9.2AI score0.02332EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/10/07 12:0 a.m.34 views

SUSE SLED15: git / git-arch / git-core / git-cvs / git-daemon / git-doc / etc (SUSE-SU-2021:3300-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3300-1 advisory. - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992. Tenable has...

7.5CVSS7.2AI score0.03074EPSS
Exploits1References4
OSV
OSV
added 2021/10/06 2:58 p.m.7 views

OPENSUSE-SU-2021:3300-1 Security update for git

This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...

7.5CVSS7.5AI score0.03074EPSS
Exploits1References3
OSV
OSV
added 2021/10/06 2:58 p.m.10 views

SUSE-SU-2021:3300-1 Security update for git

This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...

7.5CVSS7.6AI score0.03074EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/06 12:0 a.m.42 views

Security update for git (low)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2021:3300-1 Rating: low References: 1189992 Cross-References: CVE-2021-40330 CVSS scores: CVE-2021-40330 SUSE: 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: openSUSE Leap 15.3 An update that fixes...

5.4CVSS7.5AI score0.03074EPSS
Exploits1References1
OSV
OSV
added 2021/09/18 11:3 a.m.4 views

OESA-2021-1345 git security update

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and...

7.5CVSS6.9AI score0.03074EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/09/14 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-5076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03074EPSS
Exploits1References2
OSV
OSV
added 2021/09/13 2:49 p.m.7 views

USN-5076-1 git vulnerability

It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...

7.5CVSS7.1AI score0.03074EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/09/13 2:49 p.m.113 views

USN-5076-1: Git vulnerability

It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...

7.5CVSS8AI score0.03074EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2021/09/10 7:0 a.m.4 views

git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character which may result in unexpected cross-protocol requests as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.

...

7.5CVSS7AI score0.03074EPSS
Exploits1
Rows per page
Query Builder