Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs cvs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43071
Dell SmartFabric Storage Software v1.4 (and previous versions) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit t...
Dell Smartfabric Storage Software
NA
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions before 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a Subversion re...
Viewvc Viewvc
NA
CVE-2023-22456
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions before 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a S...
Viewvc Viewvc
3.5
CVSSv2
CVE-2022-29037
Jenkins CVS Plugin 2.19 and previous versions does not escape the name and description of CVS Symbolic Name parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Cvs
6.5
CVSSv2
CVE-2021-43806
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated ma...
Enalean Tuleap
6.5
CVSSv2
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following vers...
Enalean Tuleap
3.5
CVSSv2
CVE-2020-26256
Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. In fast-cvs before version 4.3.6 there is a possible ReDoS vulnerability (Regular Expression Denial of Service) when using ignoreEmpty option when parsing. This has been patched ...
C2fo Fast-csv
5
CVSSv2
CVE-2020-2324
Jenkins CVS Plugin 2.16 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Cvs
9
CVSSv2
CVE-2020-4627
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 185367.
Ibm Cloud Pak For Security 1.3.0.1
9.3
CVSSv2
CVE-2020-4759
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.
Ibm Filenet Content Manager 5.5.4
Ibm Filenet Content Manager 5.5.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »