• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2019-10802

February 26, 2023 by

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument “repo” of function “pull()” is executed by the package without any validation.

CVE-2019-10803

February 26, 2023 by

push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable “opt.branch” is not validated before being provided to the “git” command within “index.js#L139”. This could be abused by an attacker to inject arbitrary commands.

CVE-2019-10804

February 26, 2023 by

serial-number through 1.3.0 allows execution of arbritary commands. The “cmdPrefix” argument in serialNumber function is used by the “exec” function without any validation.

CVE-2019-10807

February 26, 2023 by

Blamer versions prior to 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer.

CVE-2019-10774

February 26, 2023 by

php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-10776

February 26, 2023 by

In “index.js” file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 207
  • Go to page 208
  • Go to page 209
  • Go to page 210
  • Go to page 211
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE