Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs cvs vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-43071
Dell SmartFabric Storage Software v1.4 (and previous versions) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit t...
Dell Smartfabric Storage Software
5.4
CVSSv3
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions before 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a Subversion re...
Viewvc Viewvc
6.1
CVSSv3
CVE-2023-22456
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions before 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a S...
Viewvc Viewvc
5.4
CVSSv3
CVE-2022-29037
Jenkins CVS Plugin 2.19 and previous versions does not escape the name and description of CVS Symbolic Name parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Cvs
8.8
CVSSv3
CVE-2021-43806
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated ma...
Enalean Tuleap
8.8
CVSSv3
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following vers...
Enalean Tuleap
6.5
CVSSv3
CVE-2020-26256
Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. In fast-cvs before version 4.3.6 there is a possible ReDoS vulnerability (Regular Expression Denial of Service) when using ignoreEmpty option when parsing. This has been patched ...
C2fo Fast-csv
7.5
CVSSv3
CVE-2020-2324
Jenkins CVS Plugin 2.16 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Cvs
9
CVSSv3
CVE-2020-4627
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 185367.
Ibm Cloud Pak For Security 1.3.0.1
7.8
CVSSv3
CVE-2020-4759
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.
Ibm Filenet Content Manager 5.5.4
Ibm Filenet Content Manager 5.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »