104 matches found
@ardier16/node-lb (>=1.0.0 <=2.0.0), @economist/backstopjs (>=0.0.1 <=0.0.3) +138 more potentially affected by CVE-2020-7679 via casperjs (>=1.1.0-beta3 <=1.1.4)
casperjs NPM version =1.1.0-beta3, =1.0.0, =0.0.1, =0.1.0, =1.2.0, =0.4.0, =0.1.0, =0.0.2, =3.40.4-ez-bin.7, =0.0.1, =0.0.2, =0.0.3 - autocallinjs =1.0.0 and more Source cves: CVE-2020-7679 Source advisory: OSV:GHSA-VRR3-5R3V-7XFW...
CVE-2020-7679
creationtimestamp| type| source ---|---|--- 2021-05-17 21:00:52+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-vrr3-5r3v-7xfw...
SUSE: Security Advisory (SUSE-SU-2017:1714-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2449-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-7679
In all versions of package casperjs, the mergeObjects utility function is susceptible to Prototype Pollution...
CVE-2020-7679
CasperJS is affected by a Prototype Pollution vulnerability in the mergeObjects utility function across all versions. The issue allows an attacker to inject properties into Object.prototype (via proto or similar paths), potentially polluting prototypes and enabling unintended behavior. Documented...
@ardier16/node-lb (>=1.0.0 <=2.0.0), @economist/backstopjs (>=0.0.1 <=0.0.3) +138 more potentially affected by CVE-2020-7679 via casperjs (>=1.1.0-beta3 <=1.1.4)
casperjs NPM version =1.1.0-beta3, =1.0.0, =0.0.1, =0.1.0, =1.2.0, =0.4.0, =0.1.0, =0.0.2, =3.40.4-ez-bin.7, =0.0.1, =0.0.2, =0.0.3 - autocallinjs =1.0.0 and more Source cves: CVE-2020-7679 Source advisory: SNYK:JS-CASPERJS-572803...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1178)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1419)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1389)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668 and CVE-2017-7679 in IBM i HTTP Server
Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a specially crafted Content-Ty...
Security Bulletin: Vulnerability in IBM HTTP Server affects Netezza Performance Portal
Summary IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in...
Symantec Content Analysis < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1410)
The version of Symantec Content Analysis running on the remote host is prior to version 2.3.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a...
HPESBUX03908 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities.
Potential Security Impact: Remote: Authentication Bypass, Denial of Service DoS, Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX Apache-based Web Server B.11.31 - httpd prior to B.2.4.18.03 CVSS Scores: | CVE | CVSS Vector | Base Score | |...
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2017-7679, CVE-2017-7668, CVE-2017-3167)
Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
CVE-2018-7679
Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution...
CVE-2018-7679
Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution...
CVE-2018-7679
CVE-2018-7679 is a remote code execution vulnerability in Micro Focus SBM. Connected CNVD/NVD entries describe SBM versions prior to 11.4 where ASP.NET is configured with execute permission on virtual directories and user avatar images are not validated, enabling an attacker to run arbitrary code...
Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server Vulnerabilities
Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Apache HTTP Server. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a...
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway
Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin...