Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2026-2133)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...

5.5CVSS5.5AI score0.00157EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Git

Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...

9.8CVSS9AI score0.44268EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-1999-0805

Malware in sbrugna...

4.6CVSS6.4AI score0.01167EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.3 views

PT-2024-40190 · Packagist · Typo3/Cms-Core

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided. Description: The issue arises from improper encoding of user input, making the login status display susceptible to cross-site scripting in the website frontend. To exploit this, a valid...

6.1CVSS6.3AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/02/07 3:42 p.m.4 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2023/02/06 8:54 p.m.205 views

CVE-2022-41903

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS4.3AI score0.44268EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/02/06 7:49 p.m.4 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 4:45 p.m.4 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/02/06 4:39 p.m.6 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
Veracode
Veracode
added 2023/01/18 8:22 p.m.59 views

Integer Overflow

git is vulnerable to integer overflows. When processing the padding operators, there is a integer overflow in pretty.c::formatandpadcommit where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command whi...

9.8CVSS9.3AI score0.44268EPSS
Exploits0References10Affected Software3
OSV
OSV
added 2023/01/17 11:15 p.m.3 views

ALPINE-CVE-2022-41903

Git is distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is a integer overflow in...

9.8CVSS7.9AI score0.44268EPSS
Exploits0References1
OSV
OSV
added 2023/01/17 6:0 p.m.5 views

UBUNTU-CVE-2022-41903

Git is distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is a integer overflow in...

9.8CVSS7.4AI score0.44268EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2023/01/17 12:0 a.m.32 views

git -- Heap overflow in `git archive`, `git log --format` leading to RCE

The git team reports: git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators e.g., %, %, or % , an integer overflow can occur in...

9.8CVSS7.6AI score0.44268EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.31 views

openSUSE 15 Security Update : zsh (openSUSE-SU-2022:0735-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0735-1 advisory. - In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite...

7.8CVSS8.3AI score0.0198EPSS
Exploits0References7
CNVD
CNVD
added 2018/02/28 12:0 a.m.3 views

zsh null pointer dereference vulnerability

zsh is an interactive command interpreter and command programming language used on Linux systems. A security vulnerability exists in the subst.c file in zsh 5.4.2 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service null pointer backreference...

9.8CVSS9AI score0.02592EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Microsoft Windows 2000/NT 4 NTFS File Hiding Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3989/info There exists a condition in Microsoft Windows operating systems using NTFS that may allow for files to be hidden. Though the NTFS filesystem allows for a 32000 character path, Microsoft Windows operating systems...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/01/10 12:0 a.m.16 views

Sword go side door---SUBST magical-vulnerability warning-the black bar safety net

Source:T00ls Sometimes we invade when there is no way to include the site directory, this time you can try using the SUBST transfer directory: Everyone take a look: ! There is no way the column directory, we execute the CMD DIR command to see: ! Or not, we execute the CMD of the SUBST command: ! ...

1.7AI score
Exploits0
CVE
CVE
added 2005/11/16 7:37 a.m.46 views

CVE-2003-1246

CVE-2003-1246 affects the Integrity Protection Driver (IPD) versions 1.2 and 1.3. The vulnerability is in NtCreateSymbolicLinkObject within ntdll.dll, allowing a local attacker to create and overwrite arbitrary files under boot/system path via a symlink attack on \winnt\system32\drivers using the...

2.1CVSS6.8AI score0.00333EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/11/16 7:37 a.m.22 views

CVE-2003-1246

NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...

6.4AI score0.00333EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2003/12/31 12:0 a.m.7 views

PT-2003-2178 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: Pedestal Software Integrity Protection Driver IPD versions 1.3 and earlier Description: The issue allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel. This is achieved by using the...

9.8CVSS6.5AI score0.01633EPSS
Exploits1References8
Rows per page
Query Builder