28 matches found
EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2025-2486)
According to the versions of the mod_http2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...
EUVD-2023-59143
Malicious code in bioql PyPI...
CVE-2023-6947
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, whic...
PT-2024-15135 · WordPress · Foogallery
Name of the Vulnerable Software and Affected Versions: FooGallery plugin for WordPress versions up to, and including, 2.4.26 Description: The FooGallery plugin for WordPress has a Directory Traversal issue. This allows authenticated attackers with contributor level or higher to read the contents ...
CVE-2024-4432
CVE-2024-4432 affects Piotnet Addons For Elementor for WordPress. It is a stored XSS via widget attributes, affecting versions up to 2.4.26 due to insufficient input sanitization/output escaping. Exploitation requires authenticated access at contributor level or higher and enables injection of sc...
PT-2024-31130 · WordPress · Piotnet Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor plugin for WordPress versions up to, and including, 2.4.26 Description: The issue is related to Stored Cross-Site Scripting via the plugin's widgets due to insufficient input sanitization and output escaping on us...
WordPress plugin Piotnet Addons For Elementor cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2024-25390 · Elementor · Piotnet Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Piotnet Addons For Elementor versions 2.4.26 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting (XSS). This means an attacker can inject malicio...
SUSE CVE-2004-0447
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS...
SUSE CVE-2004-0535
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources...
Security update for xtrabackup (moderate)
openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2022:10212-1 Rating: moderate References: 1125418 1135095 1170644 1205581 Cross-References: CVE-2020-10997 CVE-2020-29488 CVSS scores: CVE-2020-10997 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
BSA-2017-361
Security Advisory ID : BSA-2017-361 Component : Apache HTTPD Revision : 2.0: Final In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...
BSA-2017-365
Security Advisory ID : BSA-2017-365 Component : Apache Revision : 1.0: Interim In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. Affected Products Brocade is investigating its product...
Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Linux
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Windows
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-9789
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...
[ASA-201706-34] apache: multiple issues
Arch Linux Security Advisory ASA-201706-34 Severity: High Date : 2017-06-28 CVE-ID : CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 Package : apache Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-316...
Apache HTTP Server Denial of Service Vulnerability (CNVD-2017-13906)
Apache HTTP Server is an open source web server from the Apache Software Foundation in the United States. The server is fast, reliable and can be expanded through a simple API. A denial of service vulnerability exists in Apache HTTP Server versions prior to 2.4.26. An attacker can exploit this...
ALPINE-CVE-2017-7679
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header...