Lucene search
K

48 matches found

SUSE CVE
SUSE CVE
added 2026/05/05 1:46 a.m.11 views

SUSE CVE-2026-29169

A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...

7.5CVSS5.8AI score0.00594EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.1 views

MiracleLinux 8 : subversion:1.10 (AXSA:2022-3786:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3786:01 advisory. subversion: Subversion's moddavsvn is vulnerable to memory corruption CVE-2022-24070 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.6AI score0.09254EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 5:48 p.m.5 views

CLSA-2025-1756489732 subversion: Fix of CVE-2024-46901

CVE-2024-46901: fix moddavsvn denial-of-service via control characters in paths...

4.3CVSS7.1AI score0.01943EPSS
Exploits1References1
OSV
OSV
added 2025/08/28 7:23 p.m.8 views

CLSA-2025-1756409018 subversion: Fix of CVE-2024-46901

CVE-2024-46901: fix moddavsvn denial-of-service via control characters in paths...

4.3CVSS7.1AI score0.01943EPSS
Exploits1References1
OSV
OSV
added 2025/08/13 8:37 a.m.7 views

CLSA-2025-1755074254 subversion: Fix of CVE-2024-46901

CVE-2024-46901: fix moddavsvn denial-of-service via control characters in paths...

4.3CVSS5.8AI score0.01943EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.4 views

The vulnerability of the mod_dav_svn function in Apache Subversion software allows a hacker to induce a service failure.

The vulnerability of the moddavsvn function in Apache Subversion relates to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

4.6CVSS5.7AI score0.01943EPSS
Exploits1References11Affected Software8
RedhatCVE
RedhatCVE
added 2025/01/15 3:24 p.m.9 views

CVE-2024-46901

A flaw was found in Apache Subversion when serving repositories via moddavsvn. This issue may allow authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository via insufficient validation of filenames against control characters...

3.1CVSS6.4AI score0.01943EPSS
Exploits1References4
OSV
OSV
added 2024/12/13 1:18 p.m.3 views

OESA-2024-2538 subversion security update

Subversion exists to be universally recognized and adopted as an open-source, centralized version control system characterized by its reliability as a safe haven for valuable data; the simplicity of its model and usage; and its ability to support the needs of a wide variety of users and projects,...

4.3CVSS6.9AI score0.01943EPSS
Exploits1References2
OSV
OSV
added 2024/12/09 10:15 a.m.13 views

CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3CVSS6.5AI score0.01943EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.4 views

PT-2024-32272 · Apache +4 · Apache Subversion +4

Name of the Vulnerable Software and Affected Versions: Apache Subversion versions prior to 1.14.5 Description: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod dav svn allows authenticated users with commit access to commit a corrupt...

8.2CVSS3.4AI score0.09254EPSS
Exploits2References59
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.4 views

SUSE CVE-2011-0715

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a request that contains a lock token...

4.3CVSS6.8AI score0.06309EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.5 views

SUSE CVE-2011-1921

The moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz shortcircuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to...

4.3CVSS6.6AI score0.05993EPSS
Exploits2References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.5 views

SUSE CVE-2013-1846

The moddavsvn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash via a LOCK on an activity URL...

4CVSS6.6AI score0.06725EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.5 views

SUSE CVE-2013-1847

The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...

5CVSS6.8AI score0.51442EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-4558

The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...

3.5CVSS6.9AI score0.05882EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.3 views

SUSE CVE-2014-8108

The moddavsvn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request for a URI that triggers a lookup for a virtual transaction name that does not exist...

5CVSS6.8AI score0.09692EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.3 views

SUSE CVE-2016-6312

The moddontdothat component of the moddavsvn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with access to the webdav repository to cause a denial of service memory...

6.5CVSS7.5AI score0.02199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-11803

Subversion's moddavsvn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation...

5.3CVSS8.6AI score0.57822EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/18 1:32 a.m.5 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/12 3:57 p.m.4 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
Rows per page
Query Builder