EulerOS Virtualization 2.10.1 : curl (EulerOS-SA-2023-1143)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent...

Asus RT-AX82U cfg_server cm_processConnDiagPktList denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1592 Asus RT-AX82U cfgserver cmprocessConnDiagPktList denial of service vulnerability January 10, 2023 CVE Number CVE-2022-38393 SUMMARY A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U...

PT-2023-10138 · Unknown · Maps-Js-Icoads

Name of the Vulnerable Software and Affected Versions: maps-js-icoads affected versions not specified Description: A critical issue was found in the processing of the file http-server.js, leading to path traversal. The manipulation of this file can cause security problems. Recommendations: Apply...

EulerOS Virtualization 3.0.2.6 : httpd (EulerOS-SA-2023-1074)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

http4s 输入验证错误漏洞

http4s is an open source streaming HTTP server for Scala. An input validation error vulnerability exists in several versions of http4s, which stems from the fact that its User-Agent and Server header parsers are prone to fatal errors in processing certain input. The following versions are affecte...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application and IBM HTTP Server included as part of IBM Tivoli Monitoring ITM portal server: CVE-2022-34336 CVE-2022-22477 CVE-2022-22473 CVE-2022-34165. The IBM Tivoli Monitoring include IBM HTTP Server is also affected...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2022-22365, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556. It also includes Java 8...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-29736 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2021-23450, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-25315, CVE-2022-25313, CVE-2022-25235, CVE-2022-25236,...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2905)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2931)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2905)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi...

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-2931)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2866)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-2884)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2866)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...

Fedora 36 : mod_auth_openidc (2022-6beaa3bd0c)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6beaa3bd0c advisory. CVE-2022-23527 modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character Tenable has extracted the preceding description block...

Fedora 36 : golang-github-distribution-3 (2022-13ad572b5a)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-13ad572b5a advisory. Update to 3.0.0 pre1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Thu Dec 22 10:09:37 CST 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javadec2022advisory.asc https://aix.software.ibm.com/aix/efixes/security/javadec2022advisory.asc...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-2815)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...