Lucene search
+L

5 matches found

cve
cve
added 2014/08/19 6:0 p.m.104 views

CVE-2014-3528

CVE-2014-3528 affects Apache Subversion: cached credentials are protected by an MD5 hash of the URL and authentication realm. Subversion 1.0.0–1.7.x (before 1.7.17) and 1.8.x (before 1.8.10) store credentials in this manner, which may allow a remote server to obtain credentials via a crafted auth...

4CVSS8.6AI score0.07495EPSS
cve
cve
added 2014/12/18 3:0 p.m.104 views

CVE-2014-3580

CVE-2014-3580 affects the mod_dav_svn component of Apache Subversion (1.x) prior to 1.7.19 and 1.8.x prior to 1.8.11. A remote attacker can trigger a NULL pointer dereference via a REPORT request for a non-existent resource , causing a denial of service and server crash. Connected sources documen...

5CVSS8.7AI score0.1067EPSS
cve
cve
added 2014/08/19 6:0 p.m.93 views

CVE-2014-3522

The CVE-2014-3522 vulnerability affects Subversion’s Serf RA layer, where wildcards in X.509 CN/subjectAltName are not properly validated, enabling MITM certificate spoofing. Affected: Subversion Serf-based TLS for versions 1.4.0–1.7.x before 1.7.18 and 1.8.x before 1.8.10. Impact: potential disc...

4CVSS8.3AI score0.05581EPSS
cve
cve
added 2014/12/18 3:0 p.m.93 views

CVE-2014-8108

The CVE-2014-8108 issue affects the Apache Subversion mod_dav_svn module. According to connected docs, Subversion 1.7.x is vulnerable before 1.7.19 and 1.8.x is vulnerable before 1.8.11, where a remote attacker can trigger a NULL pointer dereference by requesting a URI that causes a lookup for a ...

5CVSS8.7AI score0.09692EPSS
cve
cve
added 2014/10/08 5:0 p.m.77 views

CVE-2014-6394

The CVE-2014-6394 entry concerns visionmedia send before 0.8.4 for Node.js. The vulnerability arises from a partial directory-root verification, which can allow a remote attacker to escape the intended restricted directory and access files such as those under a public-restricted path (e.g., publi...

7.5CVSS6.3AI score0.04257EPSS