Lucene search
K

4 matches found

CVE
CVE
added 2016/05/05 6:0 p.m.157 views

CVE-2016-2168

CVE-2016-2168 affects Apache Subversion’s httpd-based Subversion server, specifically the mod_authz_svn module. The issue arises in the req_check_access path, allowing remote authenticated users to trigger a denial of service (NULL pointer dereference and crash) via a crafted header in a MOVE or ...

6.5CVSS6AI score0.19628EPSS
CVE
CVE
added 2016/05/05 6:0 p.m.155 views

CVE-2016-2167

The vulnerability CVE-2016-2167 affects Apache Subversion: the canonicalize_username function in svnserve/cyrus_auth.c, when Cyrus SASL is used, may allow remote authentication bypass by using a realm string that prefixes the expected repository realm. Affected versions are Subversion 1.8.x befor...

6.8CVSS6.8AI score0.06814EPSS
CVE
CVE
added 2016/04/14 2:0 p.m.87 views

CVE-2015-5343

CVE-2015-5343 affects Apache Subversion (mod_dav_svn). An integer overflow in util.c can trigger an out-of-bounds read and heap overflow via a skel-encoded request body, allowing remote authenticated users to cause a DoS or possibly execute arbitrary code. Affected versions: Subversion 1.7.x; 1.8...

8CVSS7.9AI score0.30216EPSS
CVE
CVE
added 2016/01/08 7:0 p.m.82 views

CVE-2015-5259

The CVE-2015-5259 issue affects Apache Subversion 1.9.x prior to 1.9.3. It arises from an overflow in the read_string path in libsvn_ra_svn/marshal.c when handling svn:// strings, causing a heap-based buffer overflow and an out-of-bounds read. This is exploitable remotely and can allow an attacke...

9CVSS8.9AI score0.57037EPSS