Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2017/09/12 3:33 p.m.7 views

SUSE-SU-2017:2419-1 Security update for cvs

This update for cvs fixes the following issues: - CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection bsc1053364...

7.5CVSS8.6AI score0.02504EPSS
Exploits1References3
Debian
Debianadded 2017/08/13 9:10 a.m.23 views

[SECURITY] [DSA 3940-1] cvs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3940-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 13, 2017 https://www.debian.org/security/faq -...

5.1CVSS2.5AI score0.02504EPSS
Exploits1
seebug.org
seebug.orgadded 2010/10/26 12:0 a.m.14 views

NetBSD Larn 'Games'组本地特权提升漏洞

Bugtraq ID: 44293 NetBSD是一款基于BSD的操作系统。 当game从setuid更改为setgid时larn没有进行更新-把用户IDs替代为组IDs,这意味着当试图下降到低特权级别时,没有任何事情发生。因此game一直以game组权限运行,并可以games组权限进行各种如写或保存文件操作。 保存文件可写入/var/games可覆盖或破坏属于其他游戏的文件。 NetBSD 4.0 厂商解决方案 已经修补的源文件可从NetBSD CVS库中获得: CVS branch file revision ------------- ----------------...

7AI score
Exploits0
seebug.org
seebug.orgadded 2008/08/27 12:0 a.m.15 views

NetBSD PPPoE发现脚本远程拒绝服务漏洞

BUGTRAQ ID:30838 CNCAN ID:CNCAN-2008082706 NetBSD是一款基于BSD的操作系统。 NetBSD包含的pppoe4代码处理恶意报文存在问题,远程攻击者可以利用漏洞触发内核访问越界内容而导致内核崩溃,造成拒绝服务攻击。 在客户端和访问集中器之间的会话连接之前,处理PPPoE连接的早期状态的关键代码存在问题。在"discovery"阶段的报文由多个可变长度"tags"装载同一个PPPoE报文中,每个标签将被检查,而且针对全部报文大小的长度进行了验证。不过在长度检查过程中存在一个缺陷,允许把下一个TAG的指针越界移动到报文后最多4字节的位置。...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2004/07/25 12:0 a.m.41 views

SuSE-SA:2004:015: cvs

The remote host is missing the patch for the advisory SuSE-SA:2004:015 cvs. The Concurrent Versions System CVS offers tools which allow developers to share and maintain large software projects. Various remotely exploitable conditions have been found during a source code review of CVS done by Stef...

10CVSS6.1AI score0.40607EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/07/06 12:0 a.m.41 views

RHEL 2.1 : cvs (RHSA-2003:013)

Updated CVS packages are now available for Red Hat Linux Advanced Server. These updates fix a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 CVS is a...

7.5CVSS6.1AI score0.37007EPSS
Exploits1References4
Slackware Linux
Slackware Linuxadded 2004/05/19 7:14 p.m.42 views

cvs

New cvs packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a buffer overflow vulnerability which could allow an attacker to run arbitrary programs on the CVS server. Sites running a CVS server should upgrade to the new CVS package right away. More details about this issue may...

7.5CVSS6.8AI score0.86593EPSS
Exploits1
Packet Storm
Packet Stormadded 2000/07/28 12:0 a.m.17 views

cvs-1.10.8.txt

I found two security problems in cvs-1.10.8. 1 A committer can execute any binary in server using CVS/Checkin.prog or CVS/Update.prog. A committer can execute arbitrary binary on a cvs server using Checkin.prog. Usually CVS/Checkin.prog in a working directory is copied from CVSROOT/modules when t...

7.4AI score
Exploits0
Rows per page
Query Builder