Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-2184
A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15 and previous versions allows malicious users to create and manipulate tags, and to connect to an attacker-specified URL.
Jenkins Current Versions Systems
3.5
CVSSv3
CVE-2020-5283
ViewVC prior to 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has...
Viewvc Viewvc
NA
CVE-2012-0804
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
Cvs Cvs 1.11
Cvs Cvs 1.12
NA
CVE-2010-1676
Heap-based buffer overflow in Tor prior to 0.2.1.28 and 0.2.2.x prior to 0.2.2.20-alpha allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
Tor Tor 0.2.1.1.13
Tor Tor 0.2.1.1.14
Tor Tor 0.0.8.1
Tor Tor 0.0.8
Tor Tor 0.0.7.3
Tor Tor 0.0.5
Tor Tor 0.0.4
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.0.9.5
Tor Tor 0.0.9.2
Tor Tor 0.1.2.11
Tor Tor 0.0.2 Pre21
Tor Tor 0.0.2 Pre19
Tor Tor 0.0.2 Pre20
Tor Tor 0.1.1.7 Alpha
Tor Tor 0.1.1.7
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.3
Tor Tor 0.1.0.5
Tor Tor 0.1.0.8
Tor Tor 0.1.0.18
NA
CVE-2010-3846
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
Nongnu Cvs 1.11.23
NA
CVE-2010-1326
perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 prior to 3729 allows remote malicious users to bypass the permissions check, modify arbitrary modules and director...
March-hare Cvsnt 2.5.01
March-hare Cvsnt 2.5.02
March-hare Cvsnt 2.5.03
March-hare Cvsnt 2.0.58
March-hare Cvsnt 2.5.04
March-hare Cvs Suite 2.5.03
March-hare Cvs Suite 2009
March-hare Cvs Suite 2008
NA
CVE-2009-3989
Bugzilla prior to 3.0.11, 3.2.x prior to 3.2.6, 3.4.x prior to 3.4.5, and 3.5.x prior to 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote malicious users to obtain sensitive information via requests for (1) CVS/, (2) ...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.0.9
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.10
Mozilla Bugzilla 3.4
NA
CVE-2010-0383
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle malicious users to compromise the anonymity of traffic sources and destinations.
Tor Tor 0.2.1.1.13
Tor Tor 0.2.1.1.14
Tor Tor 0.2.1.1.21
Tor Tor 0.0.9
Tor Tor 0.0.6.1
Tor Tor 0.0.6
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
Tor Tor 0.1.2.13
Tor Tor 0.1.2.10
Tor Tor 0.1.1
Tor Tor 0.0.2 Pre18
Tor Tor 0.0.2 Pre16
Tor Tor 0.0.2
Tor Tor 0.1.1.8
Tor Tor 0.1.1.8 Alpha
Tor Tor 0.1.1.4
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.6
Tor Tor 0.1.0.16
NA
CVE-2010-0385
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote malicious users to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query.
Tor Tor 0.2.1.1.12
Tor Tor 0.2.1.1.13
Tor Tor 0.2.1.1.14
Tor Tor 0.2.1.1.15
Tor Tor 0.2.1.1.16
Tor Tor 0.0.6.2
Tor Tor 0.0.6.1
Tor Tor 0.0.6
Tor Tor 0.0.5
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
Tor Tor 0.0.9.4
Tor Tor 0.0.9.5
Tor Tor 0.1.1
Tor Tor 0.0.2 Pre18
Tor Tor 0.0.2 Pre19
Tor Tor 0.2.1.1.21
Tor Tor 0.0.9
Tor Tor 0.0.8.1
Tor Tor 0.0.8
Tor Tor 0.0.2 Pre25
Tor Tor 0.1.0.13
NA
CVE-2009-3304
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php.
Gforge Gforge 4.5.14
Gforge Gforge 4.8.2
Gforge Gforge 4.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »