Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-9390

EPSS 77.16% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-9390

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mercurial输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mercurial是Matt Mackall个人开发者的一套使用Python语言编写的跨平台的分布式版本控制软件。该软件支持同时处理纯文本和二进制文件等。 Mercurial存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2014-9390

#POC DescriptionSource LinkShenlong Link
1PoC for CVE-2014-9390https://github.com/mdisec/CVE-2014-9390POC Details
2pyonpyonhttps://github.com/hakatashi/CVE-2014-9390POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2014-9390

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-02-12 · 51 CVEs total

CVE-2019-19194多款Telink Semiconductor产品 安全漏洞
CVE-2009-5140Linksys SPA2102 phone adapter 安全漏洞
CVE-2014-6262Zenoss Core RRDtool 格式化字符串错误漏洞
CVE-2014-2595Barracuda Networks Barracuda Web Application Firewall 代码问题漏洞
CVE-2014-4968Boat Browser WebView Class 代码注入漏洞
CVE-2014-0234Red Hat OpenShift Enterprise 安全漏洞
CVE-2019-19921runc 安全漏洞
CVE-2014-8128Silicon Graphics LibTIFF 缓冲区错误漏洞
CVE-2020-8595Istio 授权问题漏洞
CVE-2019-19196多款Telink Semiconductor产品 缓冲区错误漏洞
CVE-2013-7378Hubot Scripts email.coffee模块注入漏洞
CVE-2013-7381node-libnotify 注入漏洞
CVE-2015-5617Enorth Webpublisher CMS SQL注入漏洞
CVE-2020-8815IKTeam BearFTP 输入验证错误漏洞
CVE-2020-8839CHIYU BF-430 232/485 TCP/IP Converter 跨站脚本漏洞
CVE-2015-7890Samsung S6 Edge Exynos Seiren Audio 缓冲区错误漏洞
CVE-2013-1410Perforce P4web 跨站脚本漏洞
CVE-2013-4090Varnish HTTP cache 安全漏洞
CVE-2013-3685Sprite Software Spritebud和Backup 竞争条件问题漏洞
CVE-2013-6236IZON IP 信任管理问题漏洞

Showing top 20 of 51 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2014-9390

No comments yet

Leave a comment