Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs cvs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4455
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote malicious users to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.
Livejournal Livejournal
3.5
CVSSv3
CVE-2020-5283
ViewVC prior to 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has...
Viewvc Viewvc
4.3
CVSSv3
CVE-2020-2184
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and previous versions allows malicious users to create and manipulate tags, and to connect to an attacker-specified URL.
Jenkins Current Versions Systems
NA
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
NA
CVE-2004-1426
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and previous versions allows remote malicious users to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.
Korweblog Korweblog 1.6.1
Korweblog Korweblog 1.6.2cvs
NA
CVE-2004-0913
Unknown vulnerability in ecartis 0.x prior to 0.129a+1.0.0-snap20020514-1.3 and 1.x prior to 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configuration.
Ecartis Ecartis 0.129a
Ecartis Ecartis 1.0.0 Snapshot 2002-01-21
Ecartis Ecartis 1.0.0 Snapshot 2003-03-12
Ecartis Ecartis 1.0.0 Snapshot 2003-03-18
Ecartis Ecartis 1.0.0 Snapshot 2002-01-25
Ecartis Ecartis 1.0.0 Snapshot 2002-04-27
Ecartis Ecartis 1.0.0 Snapshot 2003-04-16
Ecartis Ecartis 1.0.0 Snapshot 2003-04-17
Ecartis Ecartis 1.0.0 Snapshot 2002-05-14
Ecartis Ecartis 1.0.0 Snapshot 2002-10-13
Ecartis Ecartis 1.0.0 Snapshot 2003-02-27
Ecartis Ecartis 1.0.0 Snapshot 2003-03-03
Ecartis Ecartis 1.0.0 Snapshot 2003-03-09
6.8
CVSSv3
CVE-2020-4689
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.
Ibm Security Guardium 11.2
NA
CVE-2002-1681
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote malicious users to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
Open Source Development Network Slashcode 2.2.2
Open Source Development Network Slashcode 2.2.3
Open Source Development Network Slashcode 2.2.4
Open Source Development Network Slashcode 2.2.5
Open Source Development Network Slashcode 2.2.1
8.8
CVSSv3
CVE-2017-14867
Git prior to 2.10.5, 2.11.x prior to 2.11.4, 2.12.x prior to 2.12.5, 2.13.x prior to 2.13.6, and 2.14.x prior to 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows malicious users to execute arbitrary OS commands via shell metacharacters in a m...
Git-scm Git 2.11.0
Git-scm Git 2.11.1
Git-scm Git 2.11.2
Git-scm Git 2.11.3
Git-scm Git 2.12.0
Git-scm Git 2.12.1
Git-scm Git 2.12.2
Git-scm Git 2.12.3
Git-scm Git 2.12.4
Git-scm Git 2.13.0
Git-scm Git 2.13.1
Git-scm Git 2.13.2
Git-scm Git 2.13.3
Git-scm Git 2.13.4
Git-scm Git 2.13.5
Git-scm Git 2.14.0
Git-scm Git 2.14.1
Git-scm Git
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2009-3304
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.
Gforge Gforge 4.5.14
Gforge Gforge 4.8.2
Gforge Gforge 4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »