Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x prior to 1.4 and 2.x prior to 2.3 allows remote malicious users to execute arbitrary code via a negative content length (Content-Length) HTTP header.
Nagios Nagios
445
VMScore
CVE-2006-1537
Craig Knudsen WebCalendar 1.1.0-CVS allows remote malicious users to obtain sensitive information via a direct request to (1) includes/index.php, (2) tests/add_duration_test.php, (3) tests/all_tests.php, (4) groups.php, (5) nonusers.php, (6) includes/settings.php, (7) includes/in...
Webcalendar Webcalendar 1.1.0
445
VMScore
CVE-2006-1195
The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and previous versions, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote malicious users to cause a denial of service (application crash) v...
Enet Enet Library
445
VMScore
CVE-2005-4455
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote malicious users to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.
Livejournal Livejournal
445
VMScore
CVE-2005-1121
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and previous versions, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow malicious users to execute arbitrary code via a URL.
Igor Khasilev Oops Proxy Server 1.4.22
Igor Khasilev Oops Proxy Server 1.5.19
Igor Khasilev Oops Proxy Server 1.5.53
Gentoo Linux
445
VMScore
CVE-2004-0915
Multiple unknown vulnerabilities in viewcvs prior to 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote malicious users to gain sensitive information.
Viewcvs Viewcvs 0.9.2
Debian Debian Linux 3.0
445
VMScore
CVE-2004-1343
CVS 1.12 and previous versions on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote malicious users to cause a denial of service (server crash).
Cvs Cvs 1.10.7
Cvs Cvs 1.11
Cvs Cvs 1.11.16
Cvs Cvs 1.11.3
Cvs Cvs 1.11.1 P1
Cvs Cvs 1.11.10
Cvs Cvs 1.11.11
Cvs Cvs 1.11.14
Cvs Cvs 1.10
Cvs Cvs 1.10.6
Cvs Cvs 1.11.5
Cvs Cvs 1.11.6
Cvs Cvs 1.12
Cvs Cvs 1.10.8
Cvs Cvs 1.11.1
Cvs Cvs 1.11.15
Cvs Cvs 1.11.2
Cvs Cvs 1.11.4
445
VMScore
CVE-2004-1426
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and previous versions allows remote malicious users to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.
Korweblog Korweblog 1.6.1
Korweblog Korweblog 1.6.2cvs
445
VMScore
CVE-2004-1634
show_bug.cgi in Bugzilla 2.17.1 up to and including 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote malicious users to gain sensitive information.
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.6
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.2
445
VMScore
CVE-2004-1633
process_bug.cgi in Bugzilla 2.9 up to and including 2.18rc2 and 2.19 from CVS does not check edit permissions on the keywords field, which allows remote authenticated users to modify the keywords in a bug via the keywordaction parameter.
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »