CVE-2023-25690

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1408)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-26281)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

IBM WebSphere Application Server Input Validation Error Vulnerability (CNVD-2023-20087)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server HTTP Server version 8.5...

[SECURITY] [DLA 3351-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3351-1 [email protected] https://www.debian.org/lts/security/ Lee Garrett March 03, 2023 https://wiki.debian.org/LTS -...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001]

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001 Vulnerability Details Refer to the...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

Exploit for Improper Input Validation in Snakeyaml_Project Snakeyaml

SnakeYAML-CVE-2022-1471-POC Code for veracode blog To demonst...

Vulnerability fixed in IBM Websphere

IBM has fixed a vulnerability in the HTTP server which is used in Websphere Application Server. An unauthenticated remote attacker could exploit the vulnerability to cause a Denial-of-Service by offering a prepared, malformed URL. IBM has released updates to fix the vulnerability in HTTP Server f...

CVE-2023-26281

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296...

CVE-2023-26281

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296...

Code injection

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296...

CVE-2023-26281 IBM HTTP Server denial of service

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296...

CVE-2023-26281 IBM HTTP Server denial of service

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296...

CVE-2023-26281

CVE-2023-26281 affects IBM HTTP Server 8.5 (used with IBM WebSphere Application Server). A remote attacker can trigger a denial-of-service by sending a specially crafted URL. The issue is addressed by IBM HTTP Server fixes; advisories reference an update path for IBM HTTP Server (e.g., 8.5.5.24) ...

Security Bulletin: Denial of Service vulnerability in IBM HTTP Server used by WebSphere Application Server affects IBM Business Automation Workflow (CVE-2023-26281)

Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...

Security Bulletin: IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server and Apache Portable Runtime

Summary There are multiple vulnerabilities in the IBM HTTP Server, which is used by IBM WebSphere Application Server, due to the included Apache HTTP Server and Apache Portable Runtime: CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2006-20001, and CVE-2022-25147. This has been addressed in...

Security Bulletin: Vulnerabilities in Bash affect IBM SAN b-type Switches (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM SAN b-type Switches. Vulnerability Details CVE-ID : CVE-2014-6271...

PT-2023-20583 · Ibm · Ibm Http Server

Name of the Vulnerable Software and Affected Versions: IBM HTTP Server versions 8.5 Description: The issue allows a remote user to cause a denial of service using a specially crafted URL. Recommendations: For IBM HTTP Server version 8.5, consider restricting access to the server until a fix is...