Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache subversion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 up to and including 1.7.10 and 1.8.x prior to 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request agai...
Apache Subversion 1.7.1
Apache Subversion 1.7.2
Apache Subversion 1.7.10
Apache Subversion 1.8.0
Apache Subversion 1.7.3
Apache Subversion 1.7.4
Apache Subversion 1.7.5
Apache Subversion 1.7.6
Apache Subversion 1.7.0
Apache Subversion 1.7.7
Apache Subversion 1.7.8
Apache Subversion 1.7.9
NA
CVE-2013-1884
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 up to and including 1.7.8 allows remote malicious users to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable...
Apache Subversion 1.7.0
Apache Subversion 1.7.7
Apache Subversion 1.7.5
Apache Subversion 1.7.6
Apache Subversion 1.7.3
Apache Subversion 1.7.4
Apache Subversion 1.7.1
Apache Subversion 1.7.2
1 EDB exploit
NA
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2014-3504
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 up to and including 1.3.x prior to 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, w...
Apache Subversion 1.6.10
Apache Subversion 1.6.19
Apache Subversion 1.8.2
Apache Subversion 1.4.5
Apache Subversion 1.7.3
Apache Subversion 1.6.20
Apache Subversion 1.7.17
Apache Subversion 1.8.0
Apache Subversion 1.4.2
Apache Subversion 1.6.2
Apache Subversion 1.7.1
Apache Subversion 1.7.11
Apache Subversion 1.7.16
Apache Subversion 1.6.18
Apache Subversion 1.6.16
Apache Subversion 1.5.5
Apache Subversion 1.7.4
Apache Subversion 1.6.21
Apache Subversion 1.6.5
Apache Subversion 1.7.6
Apache Subversion 1.5.3
Apache Subversion 1.4.0
NA
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 up to and including 1.7.13 and 1.8.1 up to and including 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote malicious users to cause a...
Apache Subversion 1.8.2
Apache Subversion 1.7.11
Apache Subversion 1.8.1
Apache Subversion 1.7.12
Apache Mod Dav Svn -
Apache Subversion 1.7.13
Apache Subversion 1.8.4
Apache Subversion 1.8.3
6.5
CVSSv3
CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
6.8
CVSSv3
CVE-2016-2167
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4, when Cyrus SASL authentication is used, allows remote malicious users to authenticate and bypass intended access restrictions via a realm string that is a pr...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
NA
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 prior to 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py iss...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
Apache Subversion 1.8.2
8.6
CVSSv3
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
6.5
CVSSv3
CVE-2018-11782
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »