385 matches found
EUVD-2015-3254
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-2989
software: subversion 1.14.5 OS: ROSA-CHROME unaffected versions = subversion-1.14.5-1 affected versions subversion-1.14.5-1 CVE-ID: CVE-2024-46901 BDU-ID: 2025-03298 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the moddavsvn function of Apache Subversion software is related to a flaw in the...
Apache Subversion: Command line argument injection on Windows platforms
...
Astra Linux – Vulnerability in Subversion
Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit access to commit a corrupted revision, resulting in disruptions for users of the repository. All versions of Subversion, including Subversi...
TencentOS Server 4: subversion (TSSA-2024:1100)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1100 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to remote code execution due to Apache Subversion (CVE-2024-45720)
Summary Apache Subversion is shipped with IBM Tivoli Netcool Impact as part of its version control for files. Information about a security vulnerability affecting Apache Subversion has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-45720 DESCRIPTION: Apache Subversion...
Azure Linux 3.0 Security Update: subversion (CVE-2024-46901)
The version of subversion installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46901 advisory. - Insufficient validation of filenames against control characters in Apache Subversion repositories served...
The vulnerability of the mod_dav_svn function in Apache Subversion software allows a hacker to induce a service failure.
The vulnerability of the moddavsvn function in Apache Subversion relates to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability could allow an attacker to cause service failures remotely...
CBL Mariner 2.0 Security Update: subversion (CVE-2024-46901)
The version of subversion installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46901 advisory. - Insufficient validation of filenames against control characters in Apache Subversion repositories served...
Apache Subversion: mod_dav_svn denial-of-service via control characters in paths
...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1239)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1285)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-46901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of filenames against control characters in Apache Subversion repositories served via moddavsvn allows authenticated users with commit...
Linux Distros Unpatched Vulnerability : CVE-2016-2167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The canonicalizeusername function in svnserve/cyrusauth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used,...
Linux Distros Unpatched Vulnerability : CVE-2016-2168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The reqcheckaccess function in the modauthzsvn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated...
Linux Distros Unpatched Vulnerability : CVE-2015-3187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote...
Linux Distros Unpatched Vulnerability : CVE-2014-3528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials,...
Linux Distros Unpatched Vulnerability : CVE-2014-3580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The moddavsvn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service NUL...
Linux Distros Unpatched Vulnerability : CVE-2021-28544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured...
Linux Distros Unpatched Vulnerability : CVE-2013-4277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a...