750 matches found
Command Injection
check-branches is vulnerable to command injection. The vulnerability is due to the tool trusting branch names as plain text and concatenating them into git commands, which allows an attacker to craft malicious branch names to execute arbitrary system commands...
CVE-2025-64688
In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...
EUVD-2025-44049
In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...
CVE-2025-64688
CVE-2025-64688 is rejected/not used per the initial description.
CVE-2025-64688
...
PT-2025-46157
Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2025.3.104432. Description: A missing VCS URL validation in JetBrains YouTrack allows delegation to unauthorized repositories through the Junie widget. This issue affects versions prior to 2025.3.104432...
Identifier withdrawn
JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in versions prior to JetBrains YouTrack 2025.3.104432, which...
CVE-2025-64112
Statamic is a Laravel and Git powered content management system (CMS). Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This vulnerability is fix...
BIT-GIT-LFS-2025-26625 Git LFS may write to arbitrary files via crafted symlinks
Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outside the current Git working tree if symbolic or hard links...
EUVD-2025-35053
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
Ensuring Safe and Reliable Updates with Qualys TruRisk™ Manifest Version Control
The Fragility of “One Bad Update”: In cybersecurity, speed is non-negotiable. New vulnerabilities surface daily, and enterprises expect coverage the moment exploits are in the wild. For years, the mantra was simple: push signatures fast, and you reduce risk. Faster updates meant faster protection...
EUVD-2016-9362
Malware in sbrugna...
EUVD-2015-5366
Malware in sbrugna...
EUVD-2017-14864
Malware in sbrugna...
EUVD-2015-5369
Malware in sbrugna...
EUVD-2006-5285
Malware in sbrugna...
EUVD-2018-17198
Malware in sbrugna...
EUVD-2015-5367
Malware in sbrugna...
EUVD-2008-0714
Malware in sbrugna...
EUVD-2019-16807
Malware in sbrugna...