ALSA-2022:7624 Moderate: php:8.0 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2100876 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...

ALSA-2022:7628 Moderate: php:7.4 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.30, php-pear 1.10.13. BZ2055422 Security Fixes: php: Special character breaks path in xml parsing CVE-2021-21707 php: Use after free...

Moderate: php:8.0 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.20. BZ2100876 Security Fixes: php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to arbitrary code execution due to CVE-2022-22721

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to arbitrary code execution. This bulletin provides patch informatio...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28615

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality. This bulletin provides patch information...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28614

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality. This bulletin provides patch information...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to CVE-2022-29404, CVE-2022-30522, CVE-2022-30556 and CVE-2022-31813

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service due to CVE-2022-29404 and CVE-2022-30522, loss ...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service due to CVE-2020-13950

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service. This bulletin provides patch information to...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service due to CVE-2022-22719

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service. This bulletin provides patch information to...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to arbitrary code execution CVE-2022-23943

Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to arbitrary code execution. This bulletin provides patch informatio...

Exploit for Improper Restriction of XML External Entity Reference in Wordpress

CVE-2021-29447-POC About This script automates the requir...

Amazon Linux 2022 : httpd, httpd-core, httpd-devel (ALAS2022-2022-202)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-202 advisory. An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests...

Exploit for Out-of-bounds Write in Openssl

Detection for CVE-2022-3602 - OpenSSL RCE/DOC v3.0.0 - v3.0.6...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2685)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2653)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-24942 Heap-based buffer overflow in MicriumOS HTTP Server allows potential remote code execution

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...

CVE-2022-24942

CVE-2022-24942 affects Micrium uC-HTTP 3.01.01’s HTTP Server. The vulnerability is a heap-based buffer overflow in the server's HTTP handling, enabling remote code execution via a crafted HTTP request over the network. According to the connected sources, the impact can be high on confidentiality,...

Webmin 1.984 File Manager Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin File Manager RCE', 'Description' = %q In Webmin version 1.984, any authenticated low privilege user without access rights to the File...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-2685)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-2653)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...