Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2013-4246
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x prior to 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
Apache Subversion 1.8.0
Apache Subversion 1.8.1
5
CVSSv2
CVE-2018-11803
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
Apache Subversion
Apache Subversion 1.11.0
Canonical Ubuntu Linux 18.10
4
CVSSv2
CVE-2020-2304
Jenkins Subversion Plugin 2.13.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Subversion
3.5
CVSSv2
CVE-2020-2111
Jenkins Subversion Plugin 2.13.0 and previous versions does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
Jenkins Subversion
4.3
CVSSv2
CVE-2017-1000085
Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server...
Jenkins Subversion
5
CVSSv2
CVE-2018-1000111
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and previous versions in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Jenkins Subversion
5
CVSSv2
CVE-2021-21698
Jenkins Subversion Plugin 2.15.0 and previous versions does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
Jenkins Subversion
3.5
CVSSv2
CVE-2022-29046
Jenkins Subversion Plugin 2.15.3 and previous versions does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configur...
Jenkins Subversion
Apple Macos
5.8
CVSSv2
CVE-2020-15789
A vulnerability has been identified in Polarion Subversion Webclient (All versions). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a...
Siemens Polarion Subversion Webclient
4.3
CVSSv2
CVE-2022-29048
A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Subversion
Apple Macos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »