Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache subversion vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 up to and including 1.7.10 and 1.8.x prior to 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request agai...
Apache Subversion 1.7.1
Apache Subversion 1.7.2
Apache Subversion 1.7.10
Apache Subversion 1.8.0
Apache Subversion 1.7.3
Apache Subversion 1.7.4
Apache Subversion 1.7.5
Apache Subversion 1.7.6
Apache Subversion 1.7.0
Apache Subversion 1.7.7
Apache Subversion 1.7.8
Apache Subversion 1.7.9
5
CVSSv2
CVE-2013-1884
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 up to and including 1.7.8 allows remote malicious users to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...
Apache Subversion 1.7.0
Apache Subversion 1.7.7
Apache Subversion 1.7.5
Apache Subversion 1.7.6
Apache Subversion 1.7.3
Apache Subversion 1.7.4
Apache Subversion 1.7.1
Apache Subversion 1.7.2
1 EDB exploit
7.8
CVSSv2
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
4
CVSSv2
CVE-2014-3504
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 up to and including 1.3.x prior to 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, w...
Apache Subversion 1.6.10
Apache Subversion 1.6.19
Apache Subversion 1.8.2
Apache Subversion 1.4.5
Apache Subversion 1.7.3
Apache Subversion 1.6.20
Apache Subversion 1.7.17
Apache Subversion 1.8.0
Apache Subversion 1.4.2
Apache Subversion 1.6.2
Apache Subversion 1.7.1
Apache Subversion 1.7.11
Apache Subversion 1.7.16
Apache Subversion 1.6.18
Apache Subversion 1.6.16
Apache Subversion 1.5.5
Apache Subversion 1.7.4
Apache Subversion 1.6.21
Apache Subversion 1.6.5
Apache Subversion 1.7.6
Apache Subversion 1.5.3
Apache Subversion 1.4.0
3.5
CVSSv2
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 up to and including 1.7.13 and 1.8.1 up to and including 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote malicious users to cause a...
Apache Subversion 1.8.2
Apache Subversion 1.7.11
Apache Subversion 1.8.1
Apache Subversion 1.7.12
Apache Mod Dav Svn -
Apache Subversion 1.7.13
Apache Subversion 1.8.4
Apache Subversion 1.8.3
4.9
CVSSv2
CVE-2016-2167
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4, when Cyrus SASL authentication is used, allows remote malicious users to authenticate and bypass intended access restrictions via a realm string that is a pr...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
4
CVSSv2
CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
2.4
CVSSv2
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 prior to 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py iss...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
Apache Subversion 1.8.2
9
CVSSv2
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
5
CVSSv2
CVE-2019-0203
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »