Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
NA
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 up to and including 1.7.13 and 1.8.1 up to and including 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote malicious users to cause a...
Apache Subversion 1.8.2
Apache Subversion 1.7.11
Apache Subversion 1.8.1
Apache Subversion 1.7.12
Apache Mod Dav Svn -
Apache Subversion 1.7.13
Apache Subversion 1.8.4
Apache Subversion 1.8.3
NA
CVE-2013-6372
The Subversion plugin prior to 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
Jenkins-ci Subversion-plugin 1.27
Jenkins-ci Subversion-plugin 1.44
Jenkins-ci Subversion-plugin 1.18
Jenkins-ci Subversion-plugin 1.12
Jenkins-ci Subversion-plugin 1.39
Jenkins-ci Subversion-plugin 1.38
Jenkins-ci Subversion-plugin 1.24
Jenkins-ci Subversion-plugin 1.32
Jenkins-ci Subversion-plugin 1.1
Jenkins-ci Subversion-plugin 1.46
Jenkins-ci Subversion-plugin 1.0
Jenkins-ci Subversion-plugin 1.45
Jenkins-ci Subversion-plugin 1.41
Jenkins-ci Subversion-plugin 1.50
Jenkins-ci Subversion-plugin 1.3
Jenkins-ci Subversion-plugin 1.16
Jenkins-ci Subversion-plugin 1.11
Jenkins-ci Subversion-plugin 1.19
Jenkins-ci Subversion-plugin 1.30
Jenkins-ci Subversion-plugin 1.17
Jenkins-ci Subversion-plugin 1.35
Jenkins-ci Subversion-plugin 1.14
NA
CVE-2007-2448
Subversion 1.4.3 and previous versions does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) p...
Subversion Subversion
8.6
CVSSv3
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
NA
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 prior to 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py iss...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
Apache Subversion 1.8.2
NA
CVE-2007-3846
Directory traversal vulnerability in Subversion prior to 1.4.5, as used by TortoiseSVN prior to 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence i...
Subversion Subversion
Tortoisesvn Tortoisesvn
7.5
CVSSv3
CVE-2019-0203
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
6.5
CVSSv3
CVE-2018-11782
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
NA
CVE-2013-7393
The daemonize.py module in Subversion 1.8.0 prior to 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on differ...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »