Lucene search
+L

65 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:10 a.m.76 views

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)

Summary IBM Rational Build Forge version 8.0.x is affected by CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452 Vulnerability Details CVEID:CVE-2021-31618 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of...

7.5CVSS7.8AI score0.65067EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.88 views

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

9.1AI score0.90407EPSS
Exploits3References21
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.37 views

Rocky Linux 8 : httpd:2.4 (RLSA-2021:4257)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4257 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash,...

7.5CVSS6.7AI score0.65067EPSS
Exploits0References10
OSV
OSV
added 2023/08/31 12:14 p.m.3 views

BELL-CVE-2021-26690 CVE-2021-26690 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.1AI score0.65067EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2023/04/25 11:49 a.m.73 views

Advisory ROSA-SA-2023-2159

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...

9.8CVSS8.9AI score0.90039EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.57 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...

9.8CVSS7.1AI score0.97108EPSS
Exploits11References29
Oracle linux
Oracle linux
added 2023/04/05 12:0 a.m.100 views

httpd security update

2.4.6-98.0.3 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381850 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 2.4.6-98.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.7 - Resolves: 2177742 -...

9.8CVSS9.3AI score0.8377EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.49 views

CBL Mariner 2.0 Security Update: httpd (CVE-2021-26690)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-26690 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause...

7.5CVSS7.5AI score0.65067EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.71 views

K41320158: Apache vulnerability CVE-2021-26690

Security Advisory Description Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service CVE-2021-26690 Impact There is no impact; F5 products are not affected by this...

7.5CVSS7.5AI score0.65067EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.4 views

SUSE CVE-2021-26690

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

8.1CVSS9.1AI score0.65067EPSS
Exploits0References9
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.39 views

CVE-2021-26690 affecting package httpd for versions less than 2.4.46-10

CVE-2021-26690 affecting package httpd for versions less than 2.4.46-10. A patched version of the package is available...

7.5CVSS7.8AI score0.65067EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/03/24 12:0 a.m.100 views

httpd security update

2.4.6-97.0.5.5 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.5 - Resolves: 2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier...

9.8CVSS0.4AI score0.65067EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.37 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1069)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.68067EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1124)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.99999EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.40 views

Mageia: Security Advisory (MGASA-2021-0265)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.68067EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2878)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.68067EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/12/30 12:0 a.m.38 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2832)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.99999EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2021/11/17 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2746)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.68067EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.313 views

EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2021-2779)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

9.8CVSS7.3AI score0.68067EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.52 views

Oracle Linux 8 : httpd:2.4 (ELSA-2021-4257)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4257 advisory. - Add checks on the configured UDS path Orabug: 33412270CVE-2021-40438 - Resolves: 1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression -...

9CVSS7.5AI score0.99999EPSS
Exploits7References3
Rows per page
Query Builder