CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2017/02/10 12:0 a.m.•42 views

Debian DSA-3784-1 : viewvc - security update

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

6.1CVSS6.1AI score0.00631EPSS

Exploits0References4

Tenable Nessus•added 2017/02/10 12:0 a.m.•39 views

Debian DLA-820-1 : viewvc security update

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This issue resulted in a potential Cross-Site Scripting vulnerability. For Debian 7 'Wheezy', these problems have been fixed in version 1.1.5-1.4+deb7u1. We recommend...

6.1CVSS6.1AI score0.00631EPSS

Debian•added 2017/02/09 10:58 p.m.•20 views

[SECURITY] [DLA 820-1] viewvc security update

Package : viewvc Version : 1.1.5-1.4+deb7u1 CVE ID : CVE-2017-5938 Debian Bug : 854681 Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This issue resulted in a potential Cross-Site Scripting vulnerability. For Debian...

6.1CVSS6.5AI score0.00631EPSS

Fedora•added 2017/02/09 8:51 p.m.•6 views

[SECURITY] Fedora 24 Update: viewvc-1.1.26-1.fc24

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

1.5AI score

Debian•added 2017/02/09 2:9 p.m.•18 views

[SECURITY] [DSA 3784-1] viewvc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3784-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 09, 2017 https://www.debian.org/security/faq -...

6.1CVSS6AI score0.00631EPSS

Debian•added 2017/02/09 2:9 p.m.•19 views

[SECURITY] [DSA 3784-1] viewvc security update

4.3CVSS2.4AI score0.00631EPSS

Fedora•added 2017/02/09 4:23 a.m.•10 views

[SECURITY] Fedora 25 Update: viewvc-1.1.26-1.fc25

1.5AI score

OSV•added 2017/02/09 12:0 a.m.•26 views

DLA-820-1 viewvc - security update

Bulletin has no description...

6.1CVSS4.8AI score0.00631EPSS

Tenable Nessus•added 2017/02/09 12:0 a.m.•16 views

Fedora 25 : viewvc (2017-bd3c3c957f)

5.4AI score

OSV•added 2017/02/09 12:0 a.m.•17 views

DSA-3784-1 viewvc - security update

Bulletin has no description...

6.1CVSS4.8AI score0.00631EPSS

OpenVAS•added 2017/02/09 12:0 a.m.•21 views

Debian Security Advisory DSA 3784-1 (viewvc - security update)

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: deb3784.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generate...

4.3CVSS5AI score0.00631EPSS

OpenVAS•added 2017/02/08 12:0 a.m.•17 views

Debian: Security Advisory (DSA-3784-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.00631EPSS

Tenable Nessus•added 2014/06/13 12:0 a.m.•20 views

openSUSE Security Update : viewvc (openSUSE-SU-2011:0529-1)

cvsdb.py in viewvc did not honor an admin defined row limit which could cause high load on the database server. viewvc was updated to version 1.1.11 which fixes the issue CVE-2009-5024. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

5CVSS5.3AI score0.00503EPSS

Tenable Nessus•added 2014/06/13 12:0 a.m.•16 views

openSUSE Security Update : viewvc (openSUSE-SU-2011:0529-1)

5CVSS5.3AI score0.00503EPSS

Tenable Nessus•added 2013/04/20 12:0 a.m.•25 views

Mandriva Linux Security Advisory : viewvc (MDVSA-2013:134)

Updated viewvc packages fix security vulnerabilities : complete authz support for remote SVN views CVE-2012-3356. log msg leak in SVN revision view with unreadable copy source CVE-2012-3357. function name lines returned by diff are not properly escaped, allowing attackers with commit access to...

5CVSS5.1AI score0.00907EPSS

Tenable Nessus•added 2012/11/26 12:0 a.m.•19 views

Fedora 18 : viewvc-1.1.17-2.fc18 (2012-16646)

Patch CVE-2012-4533. Version 1.1.16 - security fix: escape 'extra' diff info to avoid XSS attack issue 515 - add 'binarymimetypes' configuration option and handling issue 510 - fix 'select for diffs' persistence across log pages issue 512 - remove lock status and filesize check on directories in...

4.3CVSS5.4AI score0.00907EPSS

Fedora•added 2012/11/23 8:5 a.m.•17 views

[SECURITY] Fedora 18 Update: viewvc-1.1.17-2.fc18

4.3CVSS1.5AI score0.00907EPSS

NVD•added 2012/11/19 12:55 a.m.•10 views

CVE-2012-4533

Cross-site scripting XSS vulnerability in the "extra" details in the DiffSource.getrow function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated users with repository commit access to inject arbitrary web script or HTML via the "function name" lin...

4.3CVSS5.2AI score0.00907EPSS

Exploits0References16

UbuntuCve•added 2012/11/19 12:55 a.m.•23 views

CVE-2012-4533

4.3CVSS6AI score0.00907EPSS