Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion subversion vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2016-2168
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion prior to 1.8.16 and 1.9.x prior to 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2...
Apache Subversion
Apache Subversion 1.9.3
Apache Subversion 1.9.1
Apache Subversion 1.9.0
Apache Subversion 1.9.2
312
VMScore
CVE-2013-4558
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 up to and including 1.7.13 and 1.8.1 up to and including 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote malicious users to cause a...
Apache Subversion 1.8.2
Apache Subversion 1.7.11
Apache Subversion 1.8.1
Apache Subversion 1.7.12
Apache Mod Dav Svn -
Apache Subversion 1.7.13
Apache Subversion 1.8.4
Apache Subversion 1.8.3
187
VMScore
CVE-2013-6372
The Subversion plugin prior to 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
Jenkins-ci Subversion-plugin 1.27
Jenkins-ci Subversion-plugin 1.44
Jenkins-ci Subversion-plugin 1.18
Jenkins-ci Subversion-plugin 1.12
Jenkins-ci Subversion-plugin 1.39
Jenkins-ci Subversion-plugin 1.38
Jenkins-ci Subversion-plugin 1.24
Jenkins-ci Subversion-plugin 1.32
Jenkins-ci Subversion-plugin 1.1
Jenkins-ci Subversion-plugin 1.46
Jenkins-ci Subversion-plugin 1.0
Jenkins-ci Subversion-plugin 1.45
Jenkins-ci Subversion-plugin 1.41
Jenkins-ci Subversion-plugin 1.50
Jenkins-ci Subversion-plugin 1.3
Jenkins-ci Subversion-plugin 1.16
Jenkins-ci Subversion-plugin 1.11
Jenkins-ci Subversion-plugin 1.19
Jenkins-ci Subversion-plugin 1.30
Jenkins-ci Subversion-plugin 1.17
Jenkins-ci Subversion-plugin 1.35
Jenkins-ci Subversion-plugin 1.14
187
VMScore
CVE-2007-2448
Subversion 1.4.3 and previous versions does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) p...
Subversion Subversion
214
VMScore
CVE-2013-4262
svnwcsub.py in Subversion 1.8.0 prior to 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py iss...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
Apache Subversion 1.8.2
801
VMScore
CVE-2015-5259
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x prior to 1.9.3 allows remote malicious users to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Apache Subversion 1.9.2
Apache Subversion 1.9.1
Apache Subversion 1.9.0
534
VMScore
CVE-2007-3846
Directory traversal vulnerability in Subversion prior to 1.4.5, as used by TortoiseSVN prior to 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence i...
Subversion Subversion
Tortoisesvn Tortoisesvn
356
VMScore
CVE-2018-11782
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
445
VMScore
CVE-2019-0203
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Apache Subversion
Apache Subversion 1.12.0
214
VMScore
CVE-2013-7393
The daemonize.py module in Subversion 1.8.0 prior to 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfile option is used. NOTE: this issue was SPLIT from CVE-2013-4262 based on differ...
Apache Subversion 1.8.0
Apache Subversion 1.8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »