Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs cvs vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following vers...
Enalean Tuleap
668
VMScore
CVE-2004-1427
PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in inde...
Korweblog Korweblog 1.6.2cvs
Korweblog Korweblog 1.6.1
445
VMScore
CVE-2004-1635
Bugzilla 2.17.1 up to and including 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not sufficiently protect private attachments when there are changes to the metadata, such as filename, description, MIME type, or review flags, which allows remote authenticat...
765
VMScore
CVE-2007-1381
The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent malicious users to execute arbitrary co...
Php Php 5.0.0
1 EDB exploit
505
VMScore
CVE-2006-1194
Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS version Jul 2005 and previous versions, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote malicious users to cause a denial ...
Enet Enet Library
1 EDB exploit
445
VMScore
CVE-2006-1195
The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and previous versions, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote malicious users to cause a denial of service (application crash) v...
Enet Enet Library
828
VMScore
CVE-2018-6461
March Hare WINCVS prior to 2.8.01 build 6610, and CVS Suite prior to 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the curren...
March-hare Wincvs
435
VMScore
CVE-2005-4454
Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote malicious users to conduct cross-site scripting (XSS) attacks via a "\" (backslash) within a "javascript" scheme...
Livejournal Livejournal
1 EDB exploit
445
VMScore
CVE-2007-4436
The Drupal Project module prior to 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and Project issue tracking module prior to 5.x-1.0, 4.7.x-2.4, and 4.7.x-1.4 do not properly enforce permissions, which allows remote malicious users to (1) obtain sensitive via the Tracker Module and the Recent...
Drupal Project
Drupal Project Issue Tracking Module
685
VMScore
CVE-2003-0154
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote malicious users to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cg...
Mozilla Bonsai 1.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »