Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu cvs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-12836
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote malicious users to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
Gnu Cvs 1.12.10
Gnu Cvs 1.12.7
Gnu Cvs 1.12.9
Gnu Cvs 1.12.11
Gnu Cvs 1.12.13
Gnu Cvs 1.12.6
Gnu Cvs 1.12.5
Gnu Cvs 1.12.3
Gnu Cvs 1.12.1
Gnu Cvs 1.12.12
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.
Rssh Rssh 2.3.0
NA
CVE-2004-1342
CVS 1.12 and previous versions on Debian GNU/Linux, when using the repouid patch, allows remote malicious users to bypass authentication via the pserver access method.
Cvs Cvs 1.11.14
Cvs Cvs 1.10.6
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.11.4
Cvs Cvs 1.11.16
Cvs Cvs 1.11.5
Cvs Cvs 1.10.8
Cvs Cvs 1.11.15
Cvs Cvs 1.11.11
Cvs Cvs 1.11.6
Cvs Cvs 1.10
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.11.10
Cvs Cvs 1.12
Cvs Cvs 1.10.7
Cvs Cvs 1.11.1 P1
NA
CVE-2004-1343
CVS 1.12 and previous versions on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote malicious users to cause a denial of service (server crash).
Cvs Cvs 1.11.14
Cvs Cvs 1.10.6
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.11.4
Cvs Cvs 1.11.16
Cvs Cvs 1.11.5
Cvs Cvs 1.10.8
Cvs Cvs 1.11.15
Cvs Cvs 1.11.11
Cvs Cvs 1.11.6
Cvs Cvs 1.10
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.11.10
Cvs Cvs 1.12
Cvs Cvs 1.10.7
Cvs Cvs 1.11.1 P1
NA
CVE-2004-0778
CVS 1.11.x prior to 1.11.17, and 1.12.x prior to 1.12.9, allows remote malicious users to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Gnu Cvs
NA
CVE-2004-0077
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges...
Redhat Kernel Doc 2.4.20-8
Redhat Kernel 2.4.20-8
Redhat Bigmem Kernel 2.4.20-8
Redhat Kernel Source 2.4.20-8
Linux Linux Kernel 2.2.0
Linux Linux Kernel 2.2.1
Linux Linux Kernel 2.2.2
Linux Linux Kernel 2.2.3
Linux Linux Kernel 2.2.4
Linux Linux Kernel 2.2.5
Linux Linux Kernel 2.2.6
Linux Linux Kernel 2.2.7
Linux Linux Kernel 2.2.8
Linux Linux Kernel 2.2.9
Linux Linux Kernel 2.2.10
Linux Linux Kernel 2.2.11
Linux Linux Kernel 2.2.12
Linux Linux Kernel 2.2.13
Linux Linux Kernel 2.2.14
Linux Linux Kernel 2.2.15
Linux Linux Kernel 2.2.15 Pre20
Linux Linux Kernel 2.2.16
2 EDB exploits
NA
CVE-2003-0440
The (1) semi MIME library 1.14.5 and previous versions, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Semi Semi 1.14.3
Debian Debian Linux 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started