Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-4644 | 3.5 |
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
|
13-02-2023 - 03:20 | 07-01-2011 - 19:00 | |
CVE-2019-0203 | 5.0 |
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
|
21-07-2021 - 11:39 | 26-09-2019 - 16:15 | |
CVE-2017-9800 | 7.5 |
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user
|
20-10-2020 - 22:15 | 11-08-2017 - 21:29 | |
CVE-2018-11782 | 4.0 |
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
|
27-09-2019 - 15:33 | 26-09-2019 - 16:15 | |
CVE-2013-1849 | 4.3 |
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL. Per: http://cw
|
19-09-2017 - 01:36 | 02-05-2013 - 14:55 | |
CVE-2011-1921 | 4.3 |
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly reada
|
19-09-2017 - 01:32 | 06-06-2011 - 19:55 | |
CVE-2011-0715 | 4.3 |
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. Per: http
|
19-09-2017 - 01:32 | 11-03-2011 - 22:55 | |
CVE-2014-0032 | 4.3 |
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the serve
|
29-08-2017 - 01:34 | 14-02-2014 - 15:55 | |
CVE-2015-3187 | 4.0 |
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node tha
|
01-07-2017 - 01:29 | 12-08-2015 - 14:59 | |
CVE-2014-8108 | 5.0 |
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a
|
03-01-2017 - 02:59 | 18-12-2014 - 15:59 | |
CVE-2014-3580 | 5.0 |
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does n
|
24-12-2016 - 02:59 | 18-12-2014 - 15:59 |