
12 matches found

OSV
added 2025/03/27 12:0 a.m., 8 views

DLA-4094-1 mercurial - security update

Bulletin has no description...

5.3 CVSS, 7.2 AI score, 0.00221 EPSS
Exploits 0

CVE
added 2025/03/17 4:31 a.m., 90 views

CVE-2025-2361

CVE-2025-2361 affects Mercurial SCM’s Web Interface (hgweb). A cross-site scripting vulnerability arises from improper sanitization of user-controlled input passed via the cmd parameter in the Web Interface, enabling remote exploitation. Affected is Mercurial 4.5.3/71.19.145.211 with hgweb; multi...

5.3 CVSS, 4.4 AI score, 0.00221 EPSS
Exploits 0, References 5

Tenable Nessus
added 2025/03/04 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2016-3069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. CVE-2016-3069 Note that Nessus...

8.8 CVSS, 7.5 AI score, 0.0283 EPSS
Exploits 0, References 2

OSV
added 2022/05/14 1:4 a.m., 7 views

GHSA-HVR9-WR9P-GRGR Mercurial missing symlink check

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can allow malicious repositories to modify files outside the repository...

8.7 CVSS, 8.3 AI score, 0.02142 EPSS
Exploits 1, References 7

BDU FSTEC
added 2021/03/15 12:0 a.m., 1 views

The vulnerabilities of many functions in the Mercurial/subrepo.py version control tool allow attackers to compromise data integrity and cause service failures.

The vulnerability of several functions in the Mercurial version control software’s subrepo.py module is related to an incorrect definition of the reference before accessing a file. Exploiting this vulnerability could allow a remote attacker to compromise data integrity and also cause service...

5.9 CVSS, 6.4 AI score, 0.00541 EPSS
Exploits 0, References 6, Affected Software 4

OSV
added 2018/10/04 11:29 p.m., 5 views

CVE-2018-17983

cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry...

9.1 CVSS, 9.1 AI score
Exploits 0, References 2

OSV
added 2018/07/06 12:29 a.m., 5 views

CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

9.8 CVSS, 9.4 AI score
Exploits 0, References 5

OSV
added 2018/03/30 12:0 a.m., 27 views

DLA-1331-1 mercurial - security update

Bulletin has no description...

9.1 CVSS, 7.2 AI score, 0.006 EPSS
Exploits 0

OSV
added 2017/09/04 12:0 a.m., 36 views

DSA-3963-1 mercurial - security update

Bulletin has no description...

10 CVSS, 7.7 AI score, 0.04585 EPSS
Exploits 1

OSV
added 2015/03/20 3:26 p.m., 8 views

SUSE-SU-2015:0836-1 Security update for mercurial

Mercurial was updated to fix a command injection via sshpeer.validaterepo CVE-2014-9462, bnc923070:...

7.5 CVSS, 9.6 AI score, 0.01129 EPSS
Exploits 1, References 3

OSV
added 2008/09/27 10:30 a.m., 4 views

CVE-2008-4297

Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request...

6.9 AI score
Exploits 0, References 10

OSV
added 2008/06/30 8:41 p.m., 12 views

CVE-2008-2942

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

6.3 AI score
Exploits 0, References 13