Vulmon
cvs vulnerabilities and exploits
7.5
CVSSv2
CVE-2004-0396
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote malicious users to execute arbitrary code via Entry lines.
Cvs Cvs 1.12
Cvs Cvs 1.11
2 EDB exploits
7.1
CVSSv2
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string spec...
Cvs Cvs 1.11.10
Cvs Cvs 1.11.11
Cvs Cvs 1.11.5
Cvs Cvs 1.11.6
Openpkg Openpkg 2.0
Openpkg Openpkg Current
Cvs Cvs 1.10.7
Cvs Cvs 1.10.8
Cvs Cvs 1.11
Cvs Cvs 1.11.16
Cvs Cvs 1.11.2
Cvs Cvs 1.12.5
Cvs Cvs 1.12.7
Cvs Cvs 1.11.14
Cvs Cvs 1.11.15
Cvs Cvs 1.12.1
Cvs Cvs 1.12.2
Sgi Propack 2.4
Sgi Propack 3.0
Cvs Cvs 1.11.1
Cvs Cvs 1.11.1 P1
Cvs Cvs 1.11.3
1 EDB exploit
5.1
CVSSv2
CVE-2017-12836
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote malicious users to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
Gnu Cvs 1.12.12
Gnu Cvs 1.12.6
Gnu Cvs 1.12.3
Gnu Cvs 1.12.11
Gnu Cvs 1.12.10
Gnu Cvs 1.12.9
Gnu Cvs 1.12.7
Gnu Cvs 1.12.13
Gnu Cvs 1.12.5
Gnu Cvs 1.12.1
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
2.6
CVSSv2
CVE-2004-0180
The client for CVS prior to 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Cvs Cvs
5
CVSSv2
CVE-2004-0405
CVS prior to 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Cvs Cvs
4.6
CVSSv2
CVE-2005-2693
cvsbug in CVS 1.12.12 and previous versions creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
Cvs Cvs 1.12.12
7.2
CVSSv2
CVE-2000-0680
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names and then perform a CVS commit action.
Cvs Cvs 1.10.8
1 EDB exploit
2.1
CVSSv2
CVE-2000-0679
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
Cvs Cvs 1.10.8
1 EDB exploit
6.8
CVSSv2
CVE-2006-6386
Cross-site scripting (XSS) vulnerability in the CVS management/tracker 4.7.x-1.0, 4.7.x-2.0, and 4.7.0 (before the 20060807 contribution release system) for Drupal allows remote malicious users to inject arbitrary web script or HTML via the motivation field in the CVS application...
Drupal Cvs Management And Tracker 4.7 1.0
Drupal Cvs Management And Tracker 4.7 2.0
4.6
CVSSv2
CVE-2002-0844
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD prior to 1.11.2 allows local users to execute arbitrary code.
Distrotech Cvs