Lucene search
K

11 matches found

OSV
OSV
added 2026/06/02 3:56 p.m.20 views

SUSE-SU-2026:21992-1 Security update for libzypp, libsolv

This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39. - fix solvchksumfree segfault when called with a NULL pointer - made repoaddsolv more robust against corrupt files bsc1265935 CVE-2026-9149 - fix potential buffer overflow when verifying EdDSA signatures...

8.8CVSS5.7AI score0.006EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/01/16 10:45 p.m.3 views

CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.5AI score0.00149EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6093

Malware in sbrugna...

9CVSS8.8AI score0.05516EPSS
Exploits0References4
Fedora
Fedora
added 2024/03/07 10:33 p.m.25 views

[SECURITY] Fedora 40 Update: maven-wagon-3.5.3-7.fc40

Maven Wagon is a transport abstraction that is used in Maven's artifact and repository handling code. Currently wagon has the following providers: File HTTP FTP SSH/SCP WebDAV SCM in progress...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
OSV
OSV
added 2023/03/02 1:54 p.m.15 views

USN-5871-2 git regression

USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Ubuntu 18.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make...

5.5CVSS6.4AI score0.0071EPSS
Exploits0References3
Veracode
Veracode
added 2022/12/16 3:39 a.m.23 views

Denial Of Service (DoS)

helm.sh/helm/v3 is vulnerable to denial of service. The vulnerability exists due to the lack of repo handling for index.go, allowing an attacker to cause an application crash through the null pointer dereference by providing a malicious repository index file...

7.5CVSS7.2AI score0.00818EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/11/21 11:23 a.m.11 views

OPENSUSE-SU-2020:1993-1 Security update for rmt-server

This update for rmt-server fixes the following issues: Update to version 2.6.5: - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Add web server settings to /etc/rmt.conf: Now it's...

9.8CVSS6.5AI score0.98507EPSS
Exploits40References24
OSV
OSV
added 2020/11/05 9:33 a.m.12 views

SUSE-SU-2020:3160-1 Security update for rmt-server

This update for rmt-server fixes the following issues: - Version 2.6.5 - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Version 2.6.4 - Add web server settings to /etc/rmt.conf: Now it'...

9.8CVSS6.7AI score0.98507EPSS
Exploits40References22
OSV
OSV
added 2020/11/04 10:2 a.m.14 views

SUSE-SU-2020:3147-1 Security update for rmt-server

This update for rmt-server fixes the following issues: - Version 2.6.5 - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Version 2.6.4 - Add web server settings to /etc/rmt.conf: Now it'...

9.8CVSS6.7AI score0.98507EPSS
Exploits40References22
NVD
NVD
added 2018/01/26 2:29 a.m.21 views

CVE-2017-14592

Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree...

9CVSS9.2AI score0.05516EPSS
Exploits0References3
Prion
Prion
added 2018/01/26 2:29 a.m.16 views

Command injection

Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of...

9CVSS9.6AI score0.05516EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder