Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache subversion vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
715
VMScore
CVE-2013-2088
contrib/hook-scripts/svn-keyword-check.pl in Subversion prior to 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
Apache Subversion 1.6.3
Apache Subversion 1.6.2
Apache Subversion 1.6.10
Apache Subversion 1.6.9
Apache Subversion 1.6.20
Apache Subversion 1.6.19
Apache Subversion 1.6.6
Apache Subversion 1.6.5
Apache Subversion 1.6.13
Apache Subversion 1.6.12
Apache Subversion 1.6.18
Apache Subversion 1.6.15
Apache Subversion 1.6.4
Apache Subversion 1.6.11
Collabnet Subversion 1.6.17
Apache Subversion 1.6.17
Apache Subversion
Apache Subversion 1.6.14
Apache Subversion 1.6.1
Apache Subversion 1.6.0
Apache Subversion 1.6.7
Apache Subversion 1.6.8
1 EDB exploit
712
VMScore
CVE-2015-5343
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x prior to 1.8.15, and 1.9.x prior to 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-enco...
Apache Subversion
Debian Debian Linux 8.0
1 Github repository
694
VMScore
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
605
VMScore
CVE-2010-4539
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking ...
Apache Subversion 1.2.0
Apache Subversion 1.0.4
Apache Subversion 1.6.10
Apache Subversion 0.22.0
Apache Subversion 1.0.8
Apache Subversion 1.4.5
Apache Subversion 1.0.2
Apache Subversion 1.1.2
Apache Subversion 0.26.0
Apache Subversion 0.10.1
Apache Subversion 0.15
Apache Subversion 1.0.9
Apache Subversion 1.4.2
Apache Subversion 0.37.0
Apache Subversion M2
Apache Subversion 1.6.2
Apache Subversion 0.9
Apache Subversion 0.7
Apache Subversion 0.19.0
Apache Subversion 0.22.2
Apache Subversion 0.12.0
Apache Subversion 1.5.5
578
VMScore
CVE-2013-4246
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x prior to 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
Apache Subversion 1.8.0
Apache Subversion 1.8.1
546
VMScore
CVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
534
VMScore
CVE-2010-3315
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x prior to 1.5.8 and 1.6.x prior to 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authentic...
Apache Subversion 1.6.5
Apache Subversion 1.6.4
Apache Subversion 1.6.12
Apache Subversion 1.6.11
Apache Subversion 1.6.3
Apache Subversion 1.6.2
Apache Subversion 1.6.7
Apache Subversion 1.6.6
Apache Subversion 1.6.10
Apache Subversion 1.6.9
Apache Subversion 1.6.8
Apache Subversion 1.6.1
Apache Subversion 1.6.0
Apache Subversion 1.5.6
Apache Subversion 1.5.5
Apache Subversion 1.5.4
Apache Subversion 1.5.3
Apache Subversion 1.5.7
Apache Subversion 1.5.0
Apache Subversion 1.5.2
Apache Subversion 1.5.1
505
VMScore
CVE-2013-1884
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 up to and including 1.7.8 allows remote malicious users to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...
Apache Subversion 1.7.0
Apache Subversion 1.7.7
Apache Subversion 1.7.5
Apache Subversion 1.7.6
Apache Subversion 1.7.3
Apache Subversion 1.7.4
Apache Subversion 1.7.1
Apache Subversion 1.7.2
1 EDB exploit
445
VMScore
CVE-2022-24070
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 up to and including 1.14.1 (inclusive). Se...
Apache Subversion
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Apple Macos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »