Search CVE reports
1541 – 1545 of 1545 results
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
1 affected package
git-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| git-core | — | — | — | — | — |
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
1 affected package
digitaldj
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| digitaldj | — | — | — | — | — |
Some fixes available 4 of 5
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running...
1 affected package
git-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| git-core | — | — | — | — | — |
Some fixes available 2 of 4
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
1 affected package
qgit
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qgit | — | — | — | — | — |
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
1 affected package
git-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| git-core | — | — | — | — | — |