12 matches found
Astra Linux – Vulnerability in libgit2
A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. The checkout.c file mishandles equivalent filenames that exist due to NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...
Directory Traversal
Overview vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Directory Traversal due to improper checks for file system paths on Windows platforms in isFileLoadingAllowed function. An attacker can obtain sensitive file contents by bypassing path...
JLSEC-2025-183 An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...
EUVD-2020-4592
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-12279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This...
PT-2022-28209 · Packagist · Ibexa/Admin-Ui
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue allows for JavaScript XSS injection in content type entries, specifically in the name and short name fields. This can be exploited by individuals who already have permission to...
DEBIAN-CVE-2020-12279
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...
UBUNTU-CVE-2020-12279
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...
PT-2019-6258 · Libgit2 +3 · Libgit2 +3
Name of the Vulnerable Software and Affected Versions: libgit2 versions prior to 0.28.4 libgit2 versions 0.9x prior to 0.99.0 Description: The issue is related to the checkout.c component of libgit2, which mishandles equivalent filenames due to NTFS short names. This may allow a remote attacker t...
Malicious Git and Mercurial HTTP Server For CVE-2014-9390
This module exploits CVE-2014-9390, which affects Git versions less than 1.8.5.6, 1.9.5, 2.0.5, 2.1.4 and 2.2.1 and Mercurial versions less than 3.2.3 and describes three vulnerabilities. On operating systems which have case-insensitive file systems, like Windows and OS X, Git clients can be...
GIT 1.8.5.6/1.9.5/2.0.5/2.1.4/2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Malicious Git and Mercurial HTTP Server For CVE-2014-9390', 'Description' = %q This module exploits CVE-2014-9390, which affect...
http-iis-short-name-brute NSE Script
Attempts to brute force the 8.3 filenames commonly known as short names of files and directories in the root folder of vulnerable IIS servers. This script is an implementation of the PoC "iis shortname scanner". The script uses ,? and to bruteforce the short name of files present in the IIS...