40 matches found
Astra Linux - vulnerability in apache2
A properly crafted request URI-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
Astra Linux - vulnerability in apache2
A carefully crafted request URI-path can cause mod_proxy_uwsgi to exceed the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...
RHEL 7 : openldap (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openldap: ACL restrictions bypass due to sasl_ssf value being set permanently (CVE-2019-13565) -...
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 23 / 9.0.0 < 9.0.0 Patch 16 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities, including the following: - An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would...
Oracle Linux 8 : httpd:2.4 (ELSA-2022-0891)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0891 advisory. - Resolves: 2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference via malformed requests Tenable has extracted the preceding description...
orangescrum 1.8.0 - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: orangescrum 1.8.0 - 'Multiple' Cross-Site Scripting XSS Authenticated Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0 Tested o...
opencart 3.0.3.8 - Session Injection Vulnerability
Exploit Title: opencart 3.0.3.8 - Session Injection Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/ Version: 3.0.3.8 Tested on: Windows 10 using XAMPP,...
OpenLDAP < 2.4.48 Multiple Vulnerabilities
OpenLDAP is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OESA-2021-1387 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apach...
Online Traffic Offense Management System 1.0 Shell Upload
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple RCE Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...
Apache HTTP Server Code Issue Vulnerability
Apache HTTP Server is an open source web server of the Apache Foundation in the United States. The server is fast, reliable and can be expanded through a simple API. A security vulnerability exists in Apache HTTP Server version 2.4.48 and earlier, which stems from a malformed request that could...
Apache HTTP Server Denial of Service Vulnerability (CNVD-2022-03205)
Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server versions 2.4.30 to 2.4.48 contain a denial-of-service vulnerability that stems from a network system or product that does not properly validate incoming data. An attacker could exploit this vulnerabilit...
Apache HTTP Server ap_escape_quotes buffer overflow vulnerability
Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. A buffer overflow vulnerability exists in Apache HTTP Server versions 2.4.48 and earlier, which stems from the possibility that ap_escape_quotes may write content...
ALPINE-CVE-2021-39275
ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
AZL-6486 CVE-2021-39275 affecting package httpd for versions less than 2.4.52-1
ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
DEBIAN-CVE-2021-39275
ap_escape_quotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
ALPINE-CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...
UBUNTU-CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...