11631 matches found
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1143)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1172)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-23452
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
Cross site request forgery (csrf)
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452
Apache bRPC’s HTTP server (versions 0.9.5–1.7.0) is affected by a request-smuggling issue caused by non-compliance of the http_parser with RFC 7230 when handling messages with both Transfer-Encoding and Content-Length. In the described scenario, a frontend server using TE can cause a backend bRPC...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-1192)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-1172)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
Imperva uncovers new Indicators of Compromise for FBI and CISA-flagged AndroxGh0st botnet
On January 16, a joint alert from FBI and CISA warned about a concerning development: the emergence of a botnet driven by AndroxGh0st malware targeting vulnerable applications and web servers. AndroxGh0st is a Python-based malware, first seen in late 2022, designed to target Laravel .env files an...
RHEL 8 : container-tools:3.0 (RHSA-2024:0564)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0564 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...
RHEL 8 : curl (RHSA-2024:0585)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0585 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1117)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1102)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1102)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1117)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
RHEL 8 : httpd:2.4 (RHSA-2023:1672)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1672 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...
USN-6597-1: Puma vulnerability
It was discovered that Puma incorrectly handled parsing chunked transfer encoding bodies. A remote attacker could possibly use this issue to cause Puma to consume resources, leading to a denial of service...
RHEL 9 : curl (RHSA-2024:0452)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0452 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...
RHEL 9 : curl (RHSA-2024:0434)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0434 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...
Moderate: Red Hat Security Advisory: php:8.1 security update
An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...