37 matches found

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2017-4494

Malware in sbrugna...

CVSS 8.8 | AI score 9.1 | EPSS 0.0267
Exploits: 0 | References: 9

Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2017-9800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrar...

CVSS 9.8 | AI score 7.1 | EPSS 0.18892
Exploits: 3 | References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m., 26 views

RHEL 5 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: Command injection through clients via malicious svn+ssh URLs CVE-2017-9800 - The...

AI score 8.6 | EPSS 0.19628
Exploits: 3 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m., 30 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2017-1176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9 | EPSS 0.18892
Exploits: 3 | References: 2

IBM Security Bulletins
added 2018/06/16 10:3 p.m., 38 views

Security Bulletin: IBM QRadar Network Security is affected by vulnerability in subversion (CVE-2017-9800)

Summary IBM QRadar Network Security has addressed vulnerability in subversion. Vulnerability Details CVEID: CVE-2017-9800 DESCRIPTION: Apache Subversion could allow a remote attacker to execute arbitrary commands on the system, caused by the connection to URLs provided by the repository. By...

CVSS 9.8 | AI score 1.6 | EPSS 0.18892
Exploits: 3 | Affected Software: 1

Prion
added 2017/12/07 6:29 p.m., 41 views

Design/Logic Flaw

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

CVSS 9.3 | AI score 8.6 | EPSS 0.77823
Exploits: 12 | References: 4 | Affected Software: 1

Prion
added 2017/11/27 10:29 a.m., 38 views

Design/Logic Flaw

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 9.3 | AI score 8.6 | EPSS 0.77823
Exploits: 12 | References: 7 | Affected Software: 3

Veracode
added 2017/10/30 12:47 a.m., 38 views

Arbitrary Command Execution

Dulwich is vulnerable to arbitrary command execution. When using the SSH subprocess, an attacker can use an ssh URL with the - dash character in the hostname. This is related to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 9.8 | AI score 8.4 | EPSS 0.77823
Exploits: 12 | References: 4 | Affected Software: 1

Tenable Nessus
added 2017/10/30 12:0 a.m., 51 views

Debian DLA-1144-1 : git-annex security update

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. For Debian 7...

CVSS 10 | AI score 7.3 | EPSS 0.77823
Exploits: 12 | References: 3

RedhatCVE
added 2017/09/12 7:48 a.m., 42 views

CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 10 | AI score 7.5 | EPSS 0.77823
Exploits: 12 | References: 1

Tenable Nessus
added 2017/09/08 12:0 a.m., 27 views

EulerOS 2.0 SP1 : subversion (EulerOS-SA-2017-1175)

According to the version of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to...

CVSS 9.8 | AI score 7.2 | EPSS 0.18892
Exploits: 3 | References: 2

Tenable Nessus
added 2017/09/01 12:0 a.m., 68 views

Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2017-883)

Command injection through clients via malicious svn+ssh URLs A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for...

CVSS 9.8 | AI score 7.2 | EPSS 0.18892
Exploits: 3 | References: 2

Amazon
added 2017/08/31 12:0 a.m., 76 views

Important: subversion, mod_dav_svn

Issue Overview: Command injection through clients via malicious svn+ssh URLs A shell command injection flaw related to the handling of "svn+ssh" URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion...

CVSS 9.8 | AI score 10 | EPSS 0.18892
Exploits: 3

Tenable Nessus
added 2017/08/25 12:0 a.m., 88 views

CentOS 7 : subversion (CESA-2017:2480)

An update for subversion is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVSS 9.8 | AI score 7.2 | EPSS 0.18892
Exploits: 3 | References: 2

Tenable Nessus
added 2017/08/24 12:0 a.m., 29 views

Fedora 25 : subversion (2017-1d1a38bdd1)

This update includes the latest stable release of Apache Subversion, version 1.9.7. Client-side bugfixes : - Fix arbitrary code execution vulnerability CVE-2017-9800 See for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

CVSS 9.8 | AI score 7.8 | EPSS 0.18892
Exploits: 3 | References: 2

Tenable Nessus
added 2017/08/22 12:0 a.m., 32 views

Scientific Linux Security Update : subversion on SL7.x x86_64 (20170816)

Security Fixes : - A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for example when performing a 'checkout' or...

CVSS 9.8 | AI score 7.1 | EPSS 0.18892
Exploits: 3 | References: 2

UbuntuCve
added 2017/08/20 8:29 p.m., 42 views

CVE-2017-12976

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 8.8 | AI score 6.9 | EPSS 0.0267
Exploits: 0 | References: 4

Tenable Nessus
added 2017/08/18 12:0 a.m., 25 views

openSUSE Security Update : subversion (openSUSE-2017-940)

This update for subversion to 1.9.7 fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-9800: A remote attacker could have caused svn clients to execute arbitrary code via specially crafted URLs in svn:externals and svn:sync-from-url properties. boo1051362 -...

CVSS 9.8 | AI score 7.7 | EPSS 0.18892
Exploits: 3 | References: 5

OPENSUSE Linux
added 2017/08/17 12:9 a.m., 78 views

Security update for subversion (important)

This update for subversion to 1.9.7 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-9800: A remote attacker could have caused svn clients to execute arbitrary code via specially crafted URLs in svn:externals and svn:sync-from-url properties. boo1051362 -...

CVSS 4.3 | AI score 5.5 | EPSS 0.18892
Exploits: 3 | References: 3

OpenVAS
added 2017/08/17 12:0 a.m., 28 views

openSUSE: Security Advisory for subversion (openSUSE-SU-2017:2183-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 8.3 | EPSS 0.18892
Exploits: 3 | References: 1