Known Vulnerabilities for products from Cvs
Listed below are 18 of the newest known vulnerabilities associated with the vendor "Cvs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2012-0804 json | Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy server... | 10 - HIGH | 2012-05-29 | 2023-02-13 |
| CVE-2005-2693 json | cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files a... | Not Provided | 2005-08-26 | 2025-04-03 |
| CVE-2005-0753 json | Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code. | Not Provided | 2005-04-18 | 2025-04-03 |
| CVE-2004-1471 json | Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers wit... | Not Provided | 2004-12-31 | 2025-04-03 |
| CVE-2004-1343 json | CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in... | Not Provided | 2004-12-31 | 2025-04-03 |
| CVE-2004-1342 json | CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via ... | Not Provided | 2005-04-27 | 2025-04-03 |
| CVE-2004-0418 json | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may a... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2004-0417 json | Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x throug... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2004-0416 json | Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow ... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2004-0414 json | CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NUL... | Not Provided | 2004-08-06 | 2025-04-03 |
| CVE-2004-0405 json | CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a... | Not Provided | 2004-06-01 | 2025-04-03 |
| CVE-2004-0396 json | Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remo... | Not Provided | 2004-06-14 | 2025-04-03 |
| CVE-2004-0180 json | The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files th... | Not Provided | 2004-06-01 | 2025-04-03 |
| CVE-2003-0977 json | CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root... | Not Provided | 2004-01-05 | 2025-04-03 |
| CVE-2003-0015 json | Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute... | Not Provided | 2003-02-07 | 2025-04-03 |
| CVE-2002-0092 json | CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service ... | Not Provided | 2002-03-15 | 2025-04-03 |
| CVE-2000-0680 json | The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which al... | Not Provided | 2000-10-20 | 2025-04-03 |
| CVE-2000-0679 json | The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to cr... | Not Provided | 2000-10-20 | 2025-04-03 |