22 matches found

NVD
added 2026/05/28 10:16 p.m. | 15 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

CVSS 9.4 | EPSS 0.00347
Exploits: 1 | References: 1

EUVD
added 2026/05/28 9:8 p.m. | 10 views

EUVD-2026-33064

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, the Docker plugin management endpoints /plugins/ were not registered...

CVSS 9.4 | AI score 5.7 | EPSS 0.00328
Exploits: 1 | References: 1

EUVD
added 2026/05/28 9:6 p.m. | 9 views

EUVD-2026-33063

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

CVSS 9.4 | AI score 5.8 | EPSS 0.00347
Exploits: 1 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-26861

Malicious code in bioql PyPI...

CVSS 7.3 | AI score 7.9 | EPSS 0.00352
Exploits: 0 | References: 6

OSV
added 2024/07/05 8:40 p.m. | 21 views

GHSA-53Q7-4874-24QG Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL

SERVER_SIDE_FIDES_API_URL is a server-side configuration environment variable used by the Fides Privacy Center to communicate with the Fides webserver backend. The value of this variable is a URL which typically includes a private IP address, private domain name, and/or port. This vulnerability allow...

CVSS 5.3 | AI score 5.2 | EPSS 0.01114
Exploits: 1 | References: 5

GitHub Security Blog
added 2024/07/05 8:40 p.m. | 37 views

Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL

SERVER_SIDE_FIDES_API_URL is a server-side configuration environment variable used by the Fides Privacy Center to communicate with the Fides webserver backend. The value of this variable is a URL which typically includes a private IP address, private domain name, and/or port. This vulnerability allow...

CVSS 5.3 | AI score 6.6 | EPSS 0.01114
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2023/10/26 3:15 p.m. | 15 views

CVE-2023-46238

ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image types including SVG. SVG can include scripts, such as javascript, which can be executed during rendering. Due to a missing security header, an attacker could inject code to...

CVSS 8.7 | AI score 8.9 | EPSS 0.00437
Exploits: 0 | References: 3

Vulnrichment
added 2023/10/26 2:22 p.m. | 15 views

CVE-2023-46238 XSS with User Avatar image in ZITADEL

ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image types including SVG. SVG can include scripts, such as javascript, which can be executed during rendering. Due to a missing security header, an attacker could inject code to...

CVSS 8.7 | AI score 7.2 | EPSS 0.00437
Exploits: 0 | References: 3

OSV
added 2023/10/26 2:22 p.m. | 20 views

CVE-2023-46238 XSS with User Avatar image in ZITADEL

ZITADEL is an identity infrastructure management system. ZITADEL users can upload their own avatar image using various image types including SVG. SVG can include scripts, such as javascript, which can be executed during rendering. Due to a missing security header, an attacker could inject code to...

CVSS 8.7 | AI score 6.7 | EPSS 0.00437
Exploits: 0 | References: 5

Tenable Nessus
added 2023/07/04 12:0 a.m. | 36 views

EulerOS 2.0 SP11 : git (EulerOS-SA-2023-2265)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33....

CVSS 7.5 | AI score 7.2 | EPSS 0.01144
Exploits: 3 | References: 3

Tenable Nessus
added 2023/03/21 12:0 a.m. | 27 views

Amazon Linux 2023 : git, git-all, git-core (ALAS2023-2023-113)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-113 advisory. Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked...

CVSS 7.5 | AI score 7.2 | EPSS 0.01336
Exploits: 4 | References: 6

Tenable Nessus
added 2023/02/24 12:0 a.m. | 41 views

GitLab 0.0 < 15.6.8 / 15.7 < 15.7.7 / 15.8 < 15.8.2 (CVE-2023-22490)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into usi...

CVSS 5.5 | AI score 7.1 | EPSS 0.01336
Exploits: 1 | References: 2

Fedora
added 2023/02/16 2:6 a.m. | 37 views

[SECURITY] Fedora 37 Update: git-2.39.2-1.fc37

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small number of dependencies. To install all git packages,...

CVSS 7.5 | AI score 6.8 | EPSS 0.01144
Exploits: 3

NCSC
added 2023/02/16 12:0 a.m. | 6 views

Vulnerabilities fixed in Git and GitLab

The Git community has fixed vulnerabilities in Git. A malicious party with a repository under its control could exploit the vulnerabilities to gain access to sensitive data, or overwrite arbitrary files on the victim's system. The vulnerability is in the way Git handles symbolic...

CVSS 7.5 | AI score 9.7 | EPSS 0.01144
Exploits: 3

Tenable Nessus
added 2023/02/15 12:0 a.m. | 37 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current git Multiple Vulnerabilities (SSA:2023-046-02)

The version of git installed on the remote host is prior to 2.30.8 / 2.35.7 / 2.39.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-046-02 advisory. - Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5,...

CVSS 7.5 | AI score 7.2 | EPSS 0.01336
Exploits: 4 | References: 3

Prion
added 2023/02/14 9:15 p.m. | 19 views

Privilege escalation

Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting a DLL and putting it into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This...

CVSS 4.1 | AI score 7 | EPSS 0.00352
Exploits: 0 | References: 6 | Affected Software: 1

Prion
added 2023/02/14 9:15 p.m. | 16 views

Design/Logic Flaw

Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when gitk is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running...

CVSS 4.4 | AI score 7.6 | EPSS 0.00385
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2023/02/14 8:15 p.m. | 30 views

Design/Logic Flaw

Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort loca...

CVSS 1.9 | AI score 6.6 | EPSS 0.01336
Exploits: 1 | References: 4 | Affected Software: 1

Debian CVE
added 2023/02/14 7:48 p.m. | 41 views

CVE-2023-23946

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

CVSS 7.5 | AI score 7.6 | EPSS 0.01144
Exploits: 3

OSV
added 2023/02/14 7:47 p.m. | 35 views

CVE-2023-22490 Git vulnerable to local clone-based data exfiltration with non-local transports

Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort loca...

CVSS 5.5 | AI score 5.6 | EPSS 0.0071
Exploits: 0 | References: 6