Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache subversion 1.5.6 vulnerabilities and exploits

(subscribe to this query)
6
CVSSv2
CVE-2010-3315
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x prior to 1.5.8 and 1.6.x prior to 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authentic...
Apache Subversion 1.6.5Apache Subversion 1.6.4Apache Subversion 1.6.12Apache Subversion 1.6.11Apache Subversion 1.6.3Apache Subversion 1.6.2Apache Subversion 1.6.7Apache Subversion 1.6.6Apache Subversion 1.6.10Apache Subversion 1.6.9Apache Subversion 1.6.8Apache Subversion 1.6.1Apache Subversion 1.6.0Apache Subversion 1.5.6Apache Subversion 1.5.5Apache Subversion 1.5.4Apache Subversion 1.5.3Apache Subversion 1.5.7Apache Subversion 1.5.0Apache Subversion 1.5.2Apache Subversion 1.5.1
4.3
CVSSv2
CVE-2011-1921
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x prior to 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allow...
Apache Subversion 1.5.0Apache Subversion 1.5.3Apache Subversion 1.5.6Apache Subversion 1.5.5Apache Subversion 1.5.4Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.5.7Apache Subversion 1.5.2Apache Subversion 1.6.15Apache Subversion 1.6.3Apache Subversion 1.6.2Apache Subversion 1.6.11Apache Subversion 1.6.10Apache Subversion 1.6.14Apache Subversion 1.6.1Apache Subversion 1.6.0Apache Subversion 1.6.9Apache Subversion 1.6.13Apache Subversion 1.6.16Apache Subversion 1.6.5Apache Subversion 1.6.4
3.3
CVSSv2
CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 up to and including 1.7.12 and 1.8.0 up to and including 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.
Apache Subversion 1.7.7Apache Subversion 1.7.6Apache Subversion 1.7.0Apache Subversion 1.6.9Apache Subversion 1.6.21Apache Subversion 1.6.20Apache Subversion 1.6.14Apache Subversion 1.6.13Apache Subversion 1.5.7Apache Subversion 1.5.6Apache Subversion 1.4.5Apache Subversion 1.4.4Apache Subversion 1.8.0Apache Subversion 1.8.1Apache Subversion 1.7.3Apache Subversion 1.7.2Apache Subversion 1.6.6Apache Subversion 1.6.5Apache Subversion 1.6.4Apache Subversion 1.6.18Apache Subversion 1.6.17Apache Subversion 1.6.10
2.6
CVSSv2
CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 up to and including 1.7.13 and 1.8.0 up to and including 1.8.4 allows remote malicious users to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relativ...
Apache Mod Dontdothat -Apache Subversion 1.8.1Apache Subversion 1.4.0Apache Subversion 1.5.0Apache Subversion 1.5.1Apache Subversion 1.5.8Apache Subversion 1.6.0Apache Subversion 1.6.16Apache Subversion 1.6.17Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.7.1Apache Subversion 1.7.10Apache Subversion 1.4.5Apache Subversion 1.4.6Apache Subversion 1.5.6Apache Subversion 1.5.7Apache Subversion 1.6.14Apache Subversion 1.6.15Apache Subversion 1.6.21Apache Subversion 1.6.23Apache Subversion 1.6.9
4
CVSSv2
CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 up to and including 1.7.x prior to 1.7.18 and 1.8.x prior to 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof se...
Apache Subversion 1.7.17Apache Subversion 1.8.7Apache Subversion 1.8.5Apache Subversion 1.8.6Apache Subversion 1.7.13Apache Subversion 1.7.14Apache Subversion 1.7.7Apache Subversion 1.7.8Apache Subversion 1.6.14Apache Subversion 1.6.15Apache Subversion 1.6.21Apache Subversion 1.6.23Apache Subversion 1.6.9Apache Subversion 1.5.0Apache Subversion 1.5.8Apache Subversion 1.4.0Apache Subversion 1.8.2Apache Subversion 1.8.3Apache Subversion 1.8.4Apache Subversion 1.7.11Apache Subversion 1.7.12Apache Subversion 1.7.5
4.3
CVSSv2
CVE-2011-0715
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.16, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
Apache Subversion 1.0.1Apache Subversion 0.36.0Apache Subversion 1.0.9Apache Subversion 1.0.6Apache Subversion 1.2.1Apache Subversion 1.2.0Apache Subversion 1.1.4Apache Subversion 1.4.0Apache Subversion 0.18.1Apache Subversion 0.18.0Apache Subversion 0.22.2Apache Subversion 0.28.1Apache Subversion 0.28.0Apache Subversion 0.34.0Apache Subversion 0.33.1Apache Subversion 1.5.0Apache Subversion 1.5.3Apache Subversion 1.6.3Apache Subversion 1.6.2Apache Subversion 0.9Apache Subversion 0.8Apache Subversion 0.15
6.8
CVSSv2
CVE-2010-4539
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking ...
Apache Subversion 1.2.0Apache Subversion 1.0.4Apache Subversion 1.6.10Apache Subversion 0.22.0Apache Subversion 1.0.8Apache Subversion 1.4.5Apache Subversion 1.0.2Apache Subversion 1.1.2Apache Subversion 0.26.0Apache Subversion 0.10.1Apache Subversion 0.15Apache Subversion 1.0.9Apache Subversion 1.4.2Apache Subversion 0.37.0Apache Subversion M2Apache Subversion 1.6.2Apache Subversion 0.9Apache Subversion 0.7Apache Subversion 0.19.0Apache Subversion 0.22.2Apache Subversion 0.12.0Apache Subversion 1.5.5
3.5
CVSSv2
CVE-2010-4644
Multiple memory leaks in rev_hunt.c in Apache Subversion prior to 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
Apache Subversion 1.2.0Apache Subversion 1.0.4Apache Subversion 1.6.10Apache Subversion 0.22.0Apache Subversion 1.0.8Apache Subversion 1.4.5Apache Subversion 1.0.2Apache Subversion 1.1.2Apache Subversion 0.26.0Apache Subversion 0.10.1Apache Subversion 0.15Apache Subversion 1.0.9Apache Subversion 1.4.2Apache Subversion 0.37.0Apache Subversion M2Apache Subversion 1.6.2Apache Subversion 0.9Apache Subversion 0.7Apache Subversion 0.19.0Apache Subversion 0.22.2Apache Subversion 0.12.0Apache Subversion 1.5.5
4
CVSSv2
CVE-2014-3504
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 up to and including 1.3.x prior to 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, w...
Apache Subversion 1.6.10Apache Subversion 1.6.19Apache Subversion 1.8.2Apache Subversion 1.4.5Apache Subversion 1.7.3Apache Subversion 1.6.20Apache Subversion 1.7.17Apache Subversion 1.8.0Apache Subversion 1.4.2Apache Subversion 1.6.2Apache Subversion 1.7.1Apache Subversion 1.7.11Apache Subversion 1.7.16Apache Subversion 1.6.18Apache Subversion 1.6.16Apache Subversion 1.5.5Apache Subversion 1.7.4Apache Subversion 1.6.21Apache Subversion 1.6.5Apache Subversion 1.7.6Apache Subversion 1.5.3Apache Subversion 1.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook