Page 11 of 56 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-1351

https://notcve.org/view.php?id=CVE-2019-1351

A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. Se presenta una vulnerabilidad de manipulación cuando Git para Visual Studio maneja inapropiadamente las rutas de unidades virtuales, también se conoce como "Git for Visual Studio Vulnerability". • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351 https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 • CWE-706: Use of Incorrectly-Resolved Name or Reference •

CVSS: 9.3EPSS: 8%CPEs: 2EXPL: 0

CVE-2019-1350

https://notcve.org/view.php?id=CVE-2019-1350

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. Se presenta una vulnerabilidad de ejecución de código remota cuando Git para Visual Studio sanea inapropiadamente la entrada, también se conoce como "Git for Visual Studio Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350 https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 8%CPEs: 2EXPL: 0

CVE-2019-1349 – git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/

https://notcve.org/view.php?id=CVE-2019-1349

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. Se presenta una vulnerabilidad de ejecución de código remota cuando Git para Visual Studio sanea inapropiadamente la entrada, también se conoce como "Git for Visual Studio Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. An improper input validation flaw was discovered in git in the way it handles git submodules. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349 https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 https://access.redhat.com/security/cve/CVE-2019-1349 https://bugzilla.redhat.com/show_bug.cgi • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 8%CPEs: 2EXPL: 0

CVE-2019-1352 – git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

https://notcve.org/view.php?id=CVE-2019-1352

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. Se presenta una vulnerabilidad de ejecución de código remota cuando Git para Visual Studio sanea inapropiadamente la entrada, también se conoce como "Git for Visual Studio Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352 https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 https://access.redhat.com/security/cve/CVE-2019-1352 https://bugzilla.redhat.com/show_bug.cgi • CWE-20: Improper Input Validation CWE-73: External Control of File Name or Path •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2019-1232

https://notcve.org/view.php?id=CVE-2019-1232

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka 'Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios cuando el Diagnostics Hub Standard Collector Service suplanta inapropiadamente ciertas operaciones de archivo, también se conoce como "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1232 •