Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cvs vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2003-0152
Unknown vulnerability in bonsai Mozilla CVS query tool allows remote malicious users to execute arbitrary commands as the www-data user.
Mozilla Bonsai 1.3
641
VMScore
CVE-2008-5397
Tor prior to 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
Tor Tor 0.0.7.1
Tor Tor 0.0.7
Tor Tor 0.0.6.2
Tor Tor 0.0.2 Pre26
Tor Tor 0.0.2 Pre25
Tor Tor 0.0.9.8
Tor Tor 0.0.9.9
Tor Tor 0.0.9.10
Tor Tor 0.0.2 Pre21
Tor Tor 0.0.2 Pre20
Tor Tor 0.0.2 Pre13
Tor Tor 0.1.1.7
Tor Tor 0.1.1.6 Alpha
Tor Tor 0.1.1.26
Tor Tor 0.1.1.6
Tor Tor 0.1.0.5
Tor Tor 0.1.0.8
Tor Tor 0.1.0.15
Tor Tor 0.1.0.18
Tor Tor 0.1.1.2
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.1.12
641
VMScore
CVE-2003-1161
exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
Linux Linux Kernel 2.6 Test9 Cvs
614
VMScore
CVE-2010-3846
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
Nongnu Cvs 1.11.23
605
VMScore
CVE-2015-9402
The users-ultra plugin prior to 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.
Usersultra Users Ultra Membership
605
VMScore
CVE-2007-0246
plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 prior to 20070524, aka gforge-plugin-scmcvs, allows remote malicious users to execute arbitrary commands via shell metacharacters in the PATH_INFO.
Gforge Gforge
605
VMScore
CVE-2006-7075
Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and previous versions, and CVS 0.193.2 and previous versions, allows user-assisted malicious users to execute arbitrary code via a long Vorbis comment in a Free Lossless Audio Codec (FLAC) file...
Aqualung Aqualung 0.9 Beta5
605
VMScore
CVE-2006-6386
Cross-site scripting (XSS) vulnerability in the CVS management/tracker 4.7.x-1.0, 4.7.x-2.0, and 4.7.0 (before the 20060807 contribution release system) for Drupal allows remote malicious users to inject arbitrary web script or HTML via the motivation field in the CVS application...
Drupal Cvs Management And Tracker 4.7 1.0
Drupal Cvs Management And Tracker 4.7 2.0
605
VMScore
CVE-2004-1036
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and previous versions, and 1.5.1-cvs prior to 23rd October 2004, allows remote malicious users to execute arbitrary web script or HTML.
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Gentoo Linux
605
VMScore
CVE-2002-1681
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote malicious users to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
Open Source Development Network Slashcode 2.2.2
Open Source Development Network Slashcode 2.2.3
Open Source Development Network Slashcode 2.2.4
Open Source Development Network Slashcode 2.2.5
Open Source Development Network Slashcode 2.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »