Lucene search
+L

17 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2043

Malware in sbrugna...

5CVSS6.4AI score0.01408EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-2044

Malware in sbrugna...

7.5CVSS6.4AI score0.01116EPSS
Exploits0References2
openvas
openvas
added 2022/01/28 12:0 a.m.41 views

Mageia: Security Advisory (MGASA-2019-0109)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.19994EPSS
Exploits0References5
redhat
redhat
added 2020/06/22 12:28 p.m.7 views

httpd: mod_http2: read-after-free on a string compare

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS7AI score0.193EPSS
Exploits0References6
openvas
openvas
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-2249)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7AI score0.1786EPSS
Exploits0References2
githubexploit
githubexploit
added 2019/12/04 3:1 p.m.144 views

Exploit for Unrestricted Upload of File with Dangerous Type in Verot_Project Verot

class.upload.php...

9.8CVSS9.5AI score0.26184EPSS
Exploits7
redhat
redhat
added 2019/11/20 4:8 p.m.6 views

httpd: mod_http2: possible crash on late upgrade

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS7AI score0.08441EPSS
Exploits0References6
nvd
nvd
added 2019/06/11 9:29 p.m.23 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.3AI score0.1786EPSS
Exploits0References40
alpinelinux
alpinelinux
added 2019/06/11 8:49 p.m.54 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.7AI score0.1786EPSS
Exploits0
osv
osv
added 2019/04/08 10:29 p.m.3 views

DEBIAN-CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS8.4AI score0.65005EPSS
Exploits8References1
openvas
openvas
added 2019/04/08 12:0 a.m.78 views

Apache HTTP Server < 2.4.39 mod_http2 DoS Vulnerability - Linux

When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for...

4.9CVSS6AI score0.08441EPSS
Exploits0References1
openvas
openvas
added 2019/04/08 12:0 a.m.3046 views

Apache HTTP Server < 2.4.39 Privilege Escalation Vulnerability - Linux

In Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulating the...

7.8CVSS7.6AI score0.65005EPSS
Exploits8References3
thn
thn
added 2019/04/02 5:38 p.m.5 views

New Apache Web Server Bug Threatens Security of Shared Web Hosts

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in...

7.8CVSS7.6AI score0.65005EPSS
Exploits8
symantec
symantec
added 2019/04/01 12:0 a.m.506 views

Apache HTTP Server CVE-2019-0211 Local Privilege Escalation Vulnerability

Description Apache HTTP Server is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the affected application. Apache HTTP Server versions 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25,...

7.2CVSS0.7AI score0.65005EPSS
Exploits8References4Affected Software5
openvas
openvas
added 2019/02/05 12:0 a.m.431 views

Apache HTTP Server 2.4.37 mod_ssl DoS Vulnerability - Windows

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS7.3AI score0.59942EPSS
Exploits0References1
openvas
openvas
added 2019/02/05 12:0 a.m.110 views

Apache HTTP Server 2.4.37 mod_ssl DoS Vulnerability - Linux

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS7.3AI score0.59942EPSS
Exploits0References1
httpd
httpd
added 2019/01/23 12:0 a.m.101 views

Apache Httpd < 2.4.39 : mod_ssl access control bypass

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions...

7.5CVSS1.7AI score0.10508EPSS
Exploits0Affected Software1
Rows per page
Query Builder