Lucene search
K

72 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-15220

Malware in sbrugna...

4.3CVSS4.7AI score0.02788EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-28983

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.09254EPSS
Exploits0References20
Redos
Redos
added 2025/08/14 12:0 a.m.4 views

ROS-20250814-04

Vulnerability in the moddavsvn module of the Subversion centralized version control system is related to a bug in the path-based authorization rule lookup. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS7AI score0.09254EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-28544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured...

4.3CVSS5.7AI score0.02788EPSS
Exploits1References2
Amazon
Amazon
added 2023/03/22 12:0 a.m.2 views

Important: subversion

Issue Overview: A flaw was found in Subversion. When using path-based authorization authz, the helper function detectchanged does not omit potentially sensitive information from log messages. In particular, if a node is copied from a protected location, its copyfrom path the path to the protected...

7.5CVSS6.4AI score0.09254EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.21 views

Debian: Security Advisory (DLA-293-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS8.6AI score0.06464EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.3 views

SUSE CVE-2015-3187

The svnrepostracenodelocations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path...

4CVSS6.5AI score0.06464EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.4 views

SUSE CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

8.6CVSS8.5AI score0.00948EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-24070

Subversion's moddavsvn is vulnerable to memory corruption. While looking up path-based authorization rules, moddavsvn servers may attempt to use memory which has already been freed. Affected Subversion moddavsvn servers 1.10.0 through 1.14.1 inclusive. Servers that do not use moddavsvn are not...

7.5CVSS6.9AI score0.09254EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/10/14 12:0 a.m.27 views

Amazon Linux 2022 : python3-subversion, subversion, subversion-devel (ALAS2022-2022-149)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-149 advisory. A flaw was found in Subversion. When using path-based authorization authz, the helper function detectchanged does not omit potentially sensitive information from log messages. In particular, if...

7.5CVSS6.1AI score0.09254EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/07/29 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2022-2172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.09254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.43 views

EulerOS 2.0 SP9 : subversion (EulerOS-SA-2022-1983)

According to the versions of the subversion packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according t...

7.5CVSS6.1AI score0.09254EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/06 5:35 a.m.33 views

Security Bulletin: A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2021-28544)

Summary Apache Subversion is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Apache Subversion has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-28544 DESCRIPTION: Apache Subversion could allow a remote authenticated...

4.3CVSS5.4AI score0.02788EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2022/06/08 10:2 a.m.5 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2022/05/27 1:0 a.m.64 views

USN-5450-1: Subversion vulnerabilities

Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that subversion servers did not properly...

7.5CVSS6.4AI score0.09254EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/27 12:0 a.m.43 views

Ubuntu 22.04 LTS : Subversion vulnerabilities (USN-5450-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5450-1 advisory. Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially u...

7.5CVSS6.3AI score0.09254EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/05/18 1:32 a.m.4 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.17 views

openSUSE: Security Advisory for subversion (SUSE-SU-2022:1162-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.7AI score0.09254EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/05/12 11:19 p.m.2 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/12 2:3 p.m.2 views

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

7.5CVSS5.7AI score0.09254EPSS
Exploits0References5
Rows per page
Query Builder