Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs cvs 1.11 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0015
Double-free vulnerability in CVS 1.11.4 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog comman...
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 4.4
Freebsd Freebsd 4.6
Freebsd Freebsd 5.0
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.11.4
Cvs Cvs 1.11.1p1
Cvs Cvs 1.10.8
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.10.7
1 EDB exploit
7.1
CVSSv2
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string spec...
Openpkg Openpkg 2.0
Cvs Cvs 1.11.14
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.12.2
Cvs Cvs 1.11.4
Cvs Cvs 1.12.7
Sgi Propack 3.0
Cvs Cvs 1.12.5
Openpkg Openpkg 1.3
Cvs Cvs 1.11.16
Cvs Cvs 1.11.5
Cvs Cvs 1.10.8
Cvs Cvs 1.11.15
Cvs Cvs 1.11.11
Openpkg Openpkg Current
Cvs Cvs 1.12.8
Cvs Cvs 1.11.6
Cvs Cvs 1.12.1
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.11.10
1 EDB exploit
5
CVSSv2
CVE-2004-1343
CVS 1.12 and previous versions on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote malicious users to cause a denial of service (server crash).
Cvs Cvs 1.11.14
Cvs Cvs 1.10.6
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.11.4
Cvs Cvs 1.11.16
Cvs Cvs 1.11.5
Cvs Cvs 1.10.8
Cvs Cvs 1.11.15
Cvs Cvs 1.11.11
Cvs Cvs 1.11.6
Cvs Cvs 1.10
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.11.10
Cvs Cvs 1.12
Cvs Cvs 1.10.7
Cvs Cvs 1.11.1 P1
5
CVSSv2
CVE-2004-0778
CVS 1.11.x prior to 1.11.17, and 1.12.x prior to 1.12.9, allows remote malicious users to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Gnu Cvs
5
CVSSv2
CVE-2004-0417
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, may allow remote malicious users to cause a server crash, which could cause temporary data to remain undeleted...
Openpkg Openpkg 2.0
Cvs Cvs 1.11.14
Cvs Cvs 1.11.1
Cvs Cvs 1.11
Cvs Cvs 1.12.2
Cvs Cvs 1.11.4
Cvs Cvs 1.12.7
Sgi Propack 3.0
Cvs Cvs 1.12.5
Openpkg Openpkg 1.3
Cvs Cvs 1.11.16
Cvs Cvs 1.11.5
Cvs Cvs 1.10.8
Cvs Cvs 1.11.15
Cvs Cvs 1.11.11
Cvs Cvs 1.12.8
Cvs Cvs 1.11.6
Cvs Cvs 1.12.1
Cvs Cvs 1.11.3
Cvs Cvs 1.11.2
Cvs Cvs 1.11.10
Sgi Propack 2.4
5
CVSSv2
CVE-2004-0405
CVS prior to 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Cvs Cvs
4.3
CVSSv2
CVE-2006-5190
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currenci...
Oscommerce Oscommerce 2.2 Ms3
Oscommerce Oscommerce
Oscommerce Oscommerce 2.2 Ms1
Oscommerce Oscommerce 1.11
Oscommerce Oscommerce 2.2 Ms2
Oscommerce Oscommerce 1.5.1
Oscommerce Oscommerce 1.12
Oscommerce Oscommerce 2.2 Cvs
Oscommerce Oscommerce 2.1
Oscommerce Oscommerce 1.1
Oscommerce Oscommerce 1.13
17 EDB exploits
2.6
CVSSv2
CVE-2004-0180
The client for CVS prior to 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Cvs Cvs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2