Lucene search
K

37 matches found

OSV
OSV
added 2024/02/27 7:4 p.m.3 views

DEBIAN-CVE-2024-27099

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

9.8CVSS7.5AI score0.01418EPSS
Exploits0References1
OSV
OSV
added 2024/02/27 7:4 p.m.9 views

AZL-35447 CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

9.8CVSS6.9AI score0.01418EPSS
Exploits0References1
NVD
NVD
added 2024/02/27 7:4 p.m.24 views

CVE-2024-27099

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

9.8CVSS9.5AI score0.01418EPSS
Exploits0References2
OSV
OSV
added 2024/02/27 7:4 p.m.8 views

UBUNTU-CVE-2024-27099

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

9.8CVSS5.8AI score0.01418EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/27 6:58 p.m.17 views

CVE-2024-27099

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

9.8CVSS7.5AI score0.01418EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/02/14 3:56 a.m.5 views

SUSE CVE-2024-25110

The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...

7.5CVSS8.2AI score0.06645EPSS
Exploits0References4
OSV
OSV
added 2024/02/12 7:58 p.m.29 views

CVE-2024-25110 Azure IoT Platform Device SDK Remote Code Execution Vulnerability

The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...

9.8CVSS8.3AI score0.06645EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.41 views

FreeBSD : git -- Local clone-based data exfiltration with non-local transports (9548d6ed-b1da-11ed-b0f4-002590f2a714)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9548d6ed-b1da-11ed-b0f4-002590f2a714 advisory. - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2,...

5.5CVSS7.1AI score0.01336EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.3 views

SUSE CVE-2019-19604

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...

7.8CVSS9.8AI score0.03691EPSS
Exploits1References10
OSV
OSV
added 2023/02/14 8:15 p.m.1 views

DEBIAN-CVE-2023-22490

Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort loca...

5.5CVSS6.6AI score0.0071EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2023/02/14 7:47 p.m.52 views

CVE-2023-22490

Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort loca...

5.5CVSS6.4AI score0.0071EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/01 12:0 a.m.111 views

Security update for git (moderate)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0598-1 Rating: moderate References: 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786...

9.8CVSS9.3AI score0.97356EPSS
Exploits24References23
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.54 views

SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)

This update for git fixes the following issues : Security issue fixed : CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930. Non-security issue fixed : git was updated to 2.26.0 f...

9.8CVSS8.1AI score0.97356EPSS
Exploits35References25
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.4 views

The vulnerability of the Git version control system, related to insufficient validation of input data, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Git version control system lies in the improper updating of submodules. This occurs because the operation can execute commands found in the .gitmodules file of the malicious repository. Exploiting this vulnerability allows a remote attacker to access confidential data,...

9.3CVSS7.6AI score0.03691EPSS
Exploits1References14Affected Software5
RedhatCVE
RedhatCVE
added 2019/12/11 12:51 a.m.26 views

CVE-2019-19604

A security bypass was discovered in git, which allows arbitrary commands to be executed during the update of git submodules. A remote attacker may trick a victim user into cloning a malicious repository that initially looks fine, allowing access to bypass the security mechanisms that prevent the...

9.3CVSS3.5AI score0.03691EPSS
Exploits1References4
OSV
OSV
added 2019/12/11 12:15 a.m.5 views

ALPINE-CVE-2019-19604

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...

7.8CVSS7.4AI score0.03691EPSS
Exploits1References1
NVD
NVD
added 2019/12/11 12:15 a.m.17 views

CVE-2019-19604

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...

9.3CVSS8.8AI score0.03691EPSS
Exploits1References10
Rows per page
Query Builder