Apache Subversion vulnerabilities and exploits
CVE-2015-5259 (CVSSv2 score: 9)
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
CVE-2015-5343 (CVSSv2 score: 8)
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x prior to 1.8.15, and 1.9.x prior to 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-enco...
Apache Subversion
Debian Debian Linux 8.0
1 Github repository
CVE-2015-0202 (CVSSv2 score: 7.8)
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
CVE-2013-2088 (CVSSv2 score: 7.1)
contrib/hook-scripts/svn-keyword-check.pl in Subversion prior to 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
Apache Subversion 1.6.3
Apache Subversion 1.6.2
Apache Subversion 1.6.10
Apache Subversion 1.6.9
Apache Subversion 1.6.20
Apache Subversion 1.6.19
Apache Subversion 1.6.6
Apache Subversion 1.6.5
Apache Subversion 1.6.13
Apache Subversion 1.6.12
Apache Subversion 1.6.18
Apache Subversion 1.6.15
Apache Subversion 1.6.4
Apache Subversion 1.6.11
Collabnet Subversion 1.6.17
Apache Subversion 1.6.17
Apache Subversion
Apache Subversion 1.6.14
Apache Subversion 1.6.1
Apache Subversion 1.6.0
Apache Subversion 1.6.7
Apache Subversion 1.6.8
1 EDB exploit
CVE-2010-4539 (CVSSv2 score: 6.8)
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking ...
Apache Subversion 1.2.0
Apache Subversion 1.0.4
Apache Subversion 1.6.10
Apache Subversion 0.22.0
Apache Subversion 1.0.8
Apache Subversion 1.4.5
Apache Subversion 1.0.2
Apache Subversion 1.1.2
Apache Subversion 0.26.0
Apache Subversion 0.10.1
Apache Subversion 0.15
Apache Subversion 1.0.9
Apache Subversion 1.4.2
Apache Subversion 0.37.0
Apache Subversion M2
Apache Subversion 1.6.2
Apache Subversion 0.9
Apache Subversion 0.7
Apache Subversion 0.19.0
Apache Subversion 0.22.2
Apache Subversion 0.12.0
Apache Subversion 1.5.5
CVE-2013-4246 (CVSSv2 score: 6.5)
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x prior to 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
Apache Subversion 1.8.0
Apache Subversion 1.8.1
CVE-2010-3315 (CVSSv2 score: 6)
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x prior to 1.5.8 and 1.6.x prior to 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authentic...
Apache Subversion 1.6.5
Apache Subversion 1.6.4
Apache Subversion 1.6.12
Apache Subversion 1.6.11
Apache Subversion 1.6.3
Apache Subversion 1.6.2
Apache Subversion 1.6.7
Apache Subversion 1.6.6
Apache Subversion 1.6.10
Apache Subversion 1.6.9
Apache Subversion 1.6.8
Apache Subversion 1.6.1
Apache Subversion 1.6.0
Apache Subversion 1.5.6
Apache Subversion 1.5.5
Apache Subversion 1.5.4
Apache Subversion 1.5.3
Apache Subversion 1.5.7
Apache Subversion 1.5.0
Apache Subversion 1.5.2
Apache Subversion 1.5.1
CVE-2019-0227 (CVSSv2 score: 5.4)
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits continue in the project's Axis 1.x Subversion repository; legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
CVE-2022-24070 (CVSSv2 score: 5)
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers are 1.10.0 up to and including 1.14.1. Se...
Apache Subversion
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Apple Macos
CVE-2019-0203 (CVSSv2 score: 5)
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0