Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion subversion vulnerabilities and exploits
(subscribe to this query)
214
VMScore
CVE-2013-7393
The daemonize.py module in Subversion 1.8.0 prior to 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on differ...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
445
VMScore
CVE-2018-11803
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
Apache Subversion
Apache Subversion 1.11.0
Canonical Ubuntu Linux 18.10
445
VMScore
CVE-2018-1000111
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and previous versions in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Jenkins Subversion
312
VMScore
CVE-2020-2111
Jenkins Subversion Plugin 2.13.0 and previous versions does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
Jenkins Subversion
356
VMScore
CVE-2020-2304
Jenkins Subversion Plugin 2.13.1 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Subversion
445
VMScore
CVE-2021-21698
Jenkins Subversion Plugin 2.15.0 and previous versions does not restrict the name of a file when looking up a subversion key file on the controller from an agent.
Jenkins Subversion
383
VMScore
CVE-2017-1000085
Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server...
Jenkins Subversion
383
VMScore
CVE-2020-2152
Jenkins Subversion Release Manager Plugin 1.2 and previous versions does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability.
Jenkins Subversion Release Manager
312
VMScore
CVE-2022-29046
Jenkins Subversion Plugin 2.15.3 and previous versions does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configur...
Jenkins Subversion
Apple Macos
383
VMScore
CVE-2020-15788
A vulnerability has been identified in Polarion Subversion Webclient (All versions). The Polarion subversion web application does not filter user input in a way that prevents Cross-Site Scripting. If a user is enticed into passing specially crafted, malicious input to the web cli...
Siemens Polarion Subversion Webclient
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »