761 matches found
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
Cross site scripting
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464
Removed by vendor...
CVE-2023-22464
CVE-2023-22464 affects ViewVC (CVS/Subversion browser) prior to 1.2.3 (1.2.x) and 1.1.30 (1.1.x). The root cause is cross-site scripting via files with unsafe names that, when embedded in HTML, could execute code; impact is mitigated by requiring the attacker to have commit privileges to a Subver...
Cross site scripting
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...
CVE-2023-22456
Removed by vendor...
CVE-2023-22456 ViewVC XSS vulnerability in revision view changed paths
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...
CVE-2023-22456 ViewVC XSS vulnerability in revision view changed paths
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...
CVE-2023-22456
CVE-2023-22456 affects ViewVC, a browser interface for CVS/Subversion repositories. The vulnerability is an cross-site scripting (XSS) flaw that impacts ViewVC versions before 1.2.2 (and 1.1.29). The attack requires the attacker to have commit privileges to a Subversion repository exposed by a tr...
GSD-2022-1008234 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
bpf, testrun: Fix alignment problem in bpfprogtestrunskb This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1008046 mISDN: fix misuse of put_device() in mISDN_register_device()
mISDN: fix misuse of putdevice in mISDNregisterdevice This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...
GSD-2022-1007799 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit...
GSD-2022-1007633 mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
mm,hugetlb: take hugetlblock before decrementing h-resvhugepages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.332 by commit...
GSD-2022-1007623 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.332 by commit...
GSD-2022-1007597 memory: of: Fix refcount leak bug in of_get_ddr_timings()
memory: of: Fix refcount leak bug in ofgetddrtimings This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...
GSD-2022-1006788 crypto: qat - fix DMA transfer direction
crypto: qat - fix DMA transfer direction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
Exploit for Open Redirect in Git-Scm Git
CVE-2017-1000117 借鉴使用github平台的AnonymKing/CVE-2017-1000117仓库 项目简介 + CVE-2017-1000117 漏洞的复现(PoC+Exp) + Git2.12.1 + SSH 漏洞简介: + 漏洞名称: Git命令注入漏洞 + CNNVD编号:CNNVD-201708-670 + 危害等级:中危 + CVE编号:CVE-2017-1000117 + 漏洞类型:命令注入 + 发布时间:2017-08-16...