Aggregates CVE and security vulnerability intelligence across all perforce-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling, vendor risk input validation, vendor risk xxe, and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact unexpected behavior.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-0930 | The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number. | [email protected] | 5.0 | 1.14% | 2010-03-05 | 2026-06-16 |
| CVE-2010-0929 | The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff. | [email protected] | 5.0 | 1.14% | 2010-03-05 | 2026-06-16 |
| CVE-2008-1338 | The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. | [email protected] | 7.8 | 2.09% | 2008-03-14 | 2026-06-16 |
| CVE-2008-1303 | The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference. | [email protected] | 5.0 | 7.58% | 2008-03-12 | 2026-06-16 |
| CVE-2008-1302 | The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | [email protected] | 5.0 | 1.75% | 2008-03-12 | 2026-06-16 |
| CVE-2007-6349 | P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0. | [email protected] | 7.8 | 1.98% | 2007-12-20 | 2026-06-16 |
| CVE-2007-0100 | The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server. | [email protected] | 10.0 | 1.84% | 2007-01-08 | 2026-06-16 |