39 matches found

OSV
added 2025/11/12 9:37 p.m. | 5 views

CVE-2025-64482 Tuleap missing CSRF protections in the File Release System

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1762267347 and Tuleap Enterprise Edition prior to versions 17.01-, 16.13-6, and 16.12-9 don't have cross-site request forgery protections in the file...

CVSS 4.6 | AI score 6.7 | EPSS 0.0002
Exploits: 0 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2013-4167

Malware in sbrugna...

CVSS 10 | AI score 9 | EPSS 0.07064
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-6516

Malware in sbrugna...

CVSS 9.8 | AI score 6.7 | EPSS 0.02846
Exploits: 0 | References: 15
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-22380

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.3 | EPSS 0.00796
Exploits: 1 | References: 4
RedhatCVE
added 2024/09/17 1:45 p.m. | 7 views

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

CVSS 3.1 | AI score 7.2 | EPSS 0.00131
Exploits: 1 | References: 3
Tenable Nessus
added 2023/04/14 12:0 a.m. | 28 views

FreeBSD : py39-py -- Regular expression Denial of Service vulnerability (28a37df6-ba1a-4eed-bb64-623fc8e8dfd0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 28a37df6-ba1a-4eed-bb64-623fc8e8dfd0 advisory. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expressio...

CVSS 7.5 | AI score 6.6 | EPSS 0.00131
Exploits: 1 | References: 4
Tenable Nessus
added 2023/02/15 12:0 a.m. | 23 views

SUSE SLES12 Security Update : python-py (SUSE-SU-2023:0395-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0395-1 advisory. - The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a...

CVSS 7.5 | AI score 6.5 | EPSS 0.00131
Exploits: 1 | References: 4
OSV
added 2023/02/13 9:11 a.m. | 6 views

SUSE-SU-2023:0395-1 Security update for python-py

This update for python-py fixes the following issues: - CVE-2022-42969: Fixed an excessive resource consumption that could be triggered when interacting with a Subversion repository containing crafted data (bsc1204364). This also updates python3-py to version 1.8.1 for SUSE Linux Enterprise Server...

CVSS 7.5 | AI score 7.4 | EPSS 0.00131
Exploits: 1 | References: 3
OSV
added 2023/01/26 5:23 p.m. | 5 views

SUSE-SU-2023:0161-1 Security update for python-py

This update for python-py fixes the following issues: - CVE-2022-42969: Fixed an excessive resource consumption that could be triggered when interacting with a Subversion repository containing crafted data (bsc1204364)...

CVSS 7.5 | AI score 7.5 | EPSS 0.00131
Exploits: 1 | References: 3
Mageia
added 2023/01/24 7:58 a.m. | 47 views

Updated viewvc packages fix security vulnerability

ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names (names that, when...

CVSS 6.1 | AI score 6 | EPSS 0.00612
Exploits: 1 | References: 2
OSV
added 2023/01/24 7:58 a.m. | 2 views

MGASA-2023-0019 Updated viewvc packages fix security vulnerability

ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names (names that, when...

CVSS 6.1 | AI score 5.5 | EPSS 0.00612
Exploits: 1 | References: 3
UbuntuCve
added 2023/01/03 7:15 p.m. | 22 views

CVE-2023-22456

ViewVC, a browser interface for CVS and Subversion version control repositories, has a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...

CVSS 6.1 | AI score 6.3 | EPSS 0.00529
Exploits: 0 | References: 6
CVE
added 2023/01/03 6:29 p.m. | 64 views

CVE-2023-22456

CVE-2023-22456 affects ViewVC, a browser interface for CVS/Subversion repositories. The vulnerability is a cross-site scripting (XSS) flaw that impacts ViewVC versions before 1.2.2 (and 1.1.29). The attack requires the attacker to have commit privileges to a Subversion repository exposed by a tr...

CVSS 6.1 | AI score 5.8 | EPSS 0.00529
Exploits: 0 | References: 4 | Affected Software: 1
NVD
added 2022/10/16 6:15 a.m. | 16 views

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

CVSS 7.5 | EPSS 0.00131
Exploits: 1 | References: 4
OSV
added 2022/10/16 6:15 a.m. | 27 views

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

CVSS 7.5 | AI score 5.3
Exploits: 0 | References: 4
UbuntuCve
added 2022/10/16 6:15 a.m. | 30 views

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

CVSS 7.5 | AI score 6.7 | EPSS 0.00131
Exploits: 1 | References: 3
Positive Technologies
added 2022/10/16 12:0 a.m. | 3 views

PT-2022-26687

Name of the Vulnerable Software and Affected Versions: py versions through 1.11.0. Description: The py library allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled...

CVSS 8.7 | AI score 7.2 | EPSS 0.00131
Exploits: 1 | References: 47
OSV
added 2022/08/09 5:31 p.m. | 41 views

GO-2022-0177 Remote command execution via "go get" in cmd/go

The "go get" command allows remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git checkout in its pkg2 directory...

CVSS 9.8 | AI score 8.8 | EPSS 0.02846
Exploits: 0 | References: 4
Prion
added 2020/02/11 12:15 p.m. | 14 views

Code injection

Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archivename parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) modu...

CVSS 10 | AI score 7.8 | EPSS 0.07064
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2020/02/11 3:58 a.m. | 9 views

CVE-2013-4267

Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archivename parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) modu...

AI score 9.8 | EPSS 0.07064
Exploits: 0 | References: 3