Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-5938
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC prior to 1.0.14 and 1.1.x prior to 1.1.26 allows remote malicious users to inject arbitrary web script or HTML via the nav_data name.
Debian Debian Linux 8.0
Opensuse Leap 42.2
Opensuse Project Leap 42.1
Viewvc Viewvc
4.3
CVSSv2
CVE-2016-1236
Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent malicious users to inject arbitrary web script or HTML via the name of a (a) file or (b) directory in a repository.
Websvn Websvn
Debian Debian Linux 8.0
4.9
CVSSv2
CVE-2016-2167
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4, when Cyrus SASL authentication is used, allows remote malicious users to authenticate and bypass intended access restrictions via a realm string that is a pr...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
4
CVSSv2
CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
8
CVSSv2
CVE-2015-5343
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x prior to 1.8.15, and 1.9.x prior to 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-enco...
Apache Subversion
Debian Debian Linux 8.0
1 Github repository
4.3
CVSSv2
CVE-2016-2511
Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the path parameter to log.php.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Websvn Websvn
9
CVSSv2
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
7.8
CVSSv2
CVE-2015-0202
The mod_dav_svn server in Subversion 1.8.0 up to and including 1.8.11 allows remote malicious users to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
Apache Subversion 1.8.0
Apache Subversion 1.8.8
Apache Subversion 1.8.9
Apache Subversion 1.8.3
Apache Subversion 1.8.4
Apache Subversion 1.8.5
Apache Subversion 1.8.1
Apache Subversion 1.8.2
Apache Subversion 1.8.10
Apache Subversion 1.8.11
Apache Subversion 1.8.6
Apache Subversion 1.8.7
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
3.5
CVSSv2
CVE-2013-6892
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.
Websvn Websvn 2.3.3
Debian Debian Linux 7.0
4
CVSSv2
CVE-2014-3504
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 up to and including 1.3.x prior to 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, w...
Apache Subversion 1.6.10
Apache Subversion 1.6.19
Apache Subversion 1.8.2
Apache Subversion 1.4.5
Apache Subversion 1.7.3
Apache Subversion 1.6.20
Apache Subversion 1.7.17
Apache Subversion 1.8.0
Apache Subversion 1.4.2
Apache Subversion 1.6.2
Apache Subversion 1.7.1
Apache Subversion 1.7.11
Apache Subversion 1.7.16
Apache Subversion 1.6.18
Apache Subversion 1.6.16
Apache Subversion 1.5.5
Apache Subversion 1.7.4
Apache Subversion 1.6.21
Apache Subversion 1.6.5
Apache Subversion 1.7.6
Apache Subversion 1.5.3
Apache Subversion 1.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »