Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.
9.8CVSS
9.6AI Score
0.005EPSS
Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input stri...
7.5CVSS
7.7AI Score
0.002EPSS
Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cyg...
8.8CVSS
9.2AI Score
0.071EPSS