47 matches found
EUVD-2012-4461
Malware in sbrugna...
EUVD-2022-5097
Malicious code in bioql PyPI...
EUVD-2024-47496
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-1193
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows a malicious actor to obtain details...
CVE-2023-1621
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to commit to projects even from a restricted IP address...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1239)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0058 Updated subversion packages fix security vulnerability
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. CVE-2024-46901...
EulerOS 2.0 SP11 : subversion (EulerOS-SA-2025-1148)
According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated...
BIT-SUBVERSION-2024-46901 Apache Subversion: mod_dav_svn denial-of-service via control characters in paths
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
EUVD-2024-42181
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
DEBIAN-CVE-2024-46901
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
CVE-2024-46901
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
CVE-2024-46901
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
CVE-2024-46901
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...
CVE-2024-46901
CVE-2024-46901 affects Apache Subversion when serving repositories via mod_dav_svn. It arises from insufficient validation of filenames against control characters, allowing authenticated users with commit access to commit a corrupted revision and disrupt repository usage. All Subversion versions ...
Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases
Summary Attackers with commit access to the default branch of a repo using Renovate could manipulate helmv3 registryAliases to execute arbitrary commands. Details Since 26848, registryAliases has become mergeable. This means that the helmv3 manager started honoring its value and uses a helm repo...
PT-2024-40461 · Renovate · Renovate
Name of the Vulnerable Software and Affected Versions: Renovate versions 37.158.0 through 37.199.0 Description: Attackers with commit access to the default branch of a repository using Renovate could manipulate registryAliases to execute arbitrary commands. This is due to the registryAliases...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up one's GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of an...
CVE-2023-23461
Libpeconv – access violation, before commit b076013 30/11/2022...
SUSE CVE-2012-4533
Cross-site scripting XSS vulnerability in the "extra" details in the DiffSource.getrow function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit access to inject arbitrary web script or HTML via the "function name" lin...