CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Snyk•added 2026/05/14 4:17 p.m.•3 views

Arbitrary Argument Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Arbitrary Argument Injection in a push operation. A user with permission to create or modify workflows can read arbitrary files on the server by injecting CLI flags during workflow creation or...

8.3CVSS6.1AI score

Exploits0References2

Github Security Blog•added 2026/05/14 4:17 p.m.•6 views

n8n Has an Arbitrary File Read via Git Node

Impact An authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leading to full compromise. Patches The issue has been fixed in n8n versions 1.123.43,...

5.9AI score

Exploits0References2Affected Software1

Snyk•added 2026/04/25 11:42 p.m.•4 views

Command Injection

Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Command Injection via the uploadpack or receivepack kwargs in the Repo.clonefrom, Remote.fetch, Remote.pull, or Remote.push functions. An attacker can execute arbitrar...

8.8CVSS5.9AI score0.0003EPSS

Exploits1References2

OSV•added 2025/12/30 12:11 p.m.•1 views

CVE-2023-54238 mlx5: fix skb leak while fifo resync and push

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

6.4AI score0.0002EPSS

Exploits0References6

CVE•added 2025/12/30 12:11 p.m.•5 views

CVE-2023-54238

CVE-2023-54238 affects the Linux kernel in the mlx5 area. Two issues are described: (1) a SKB leak during ptp resync where SKBs were popped from the fifo but not freed (addressed by adding napi_consume_skb to properly free SKBs); and (2) an overrun in mlx5e_skb_fifo_has_room() where a counter com...

6.2AI score0.0002EPSS

Exploits0References3

Code423n4•added 2023/11/29 12:0 a.m.•4 views

Array is push()ed but not pop()ed, and is iterated over

Lines of code 96, 485, 485, 485, 485, 485, 485, 485, 485, 485, 485https://github.com/Tapioca-DAO/ta...

6.9AI score

Exploits0

SUSE CVE•added 2023/02/15 5:4 a.m.•1 views

SUSE CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

8.8CVSS9.1AI score0.05192EPSS

Exploits0References7

Snyk•added 2022/12/20 1:16 p.m.•1 views

Remote Code Execution (RCE)

Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE via the clone, pull, push and listRemote methods, due to improper input sanitization. This vulnerability exists due to...

9.8CVSS7.6AI score0.41738EPSS

Exploits2References2

Code423n4•added 2022/09/08 12:0 a.m.•18 views

Unbounded loop on array can lead to DoS

Lines of code Vulnerability details Description: As this array can grow quite large, the transaction’s gas cost could exceed the block gas limit and make it impossible to call this function at all a push exist but there's no pop in the solution, that means it will continuously only push which wil...

6.7AI score

Exploits0