Moderate: Red Hat Security Advisory: httpd24-httpd security and bug fix update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about multiple security vulnerabilitiesCVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556 affecting IBM WebSphere...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2383)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1862 PM87808

Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1862 DESCRIPTION: IBM HTTP Server optional modrewrite module does not properly filter terminal escape sequences from logs, which could make it easier for a remot...

Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211

Abstract Potential Security Exposure with IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-0169 PM85211 DESCRIPTION: The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could...

Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1896 PM89996

Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1896 DESCRIPTION: IBM HTTP Server may be vulnerable to a denial of service, caused by a malicious request when using the optional moddav module. CVSS: CVSS Base...

ALPINE-CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

Design/Logic Flaw

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

NETGEAR N300 缓冲区错误漏洞

NETGEAR N300 is a wireless router from NETGEAR. A buffer error vulnerability exists in the NETGEAR N300 wireless router wnr2000v4-V1.0.0.70 version, which stems from susceptibility to uhttpd buffer overflow and a stack overflow vulnerability in strcpy...

EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2022-2383)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...

EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2022-2347)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

Ubuntu: Security Advisory (USN-5629-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A Security Vulnerability Has Been Identified in IBM HTTP Server Shipped With Asset and Service Management (CVE-2014-0963)

Summary IBM HTTP Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

Security Bulletin: Potential denial of service may affect IBM HTTP Server on Windows (CVE-2015-1829), impacting Asset and Service Management

Summary There is a potential denial of service that may affect IBM HTTP Server on Windows CVE-2015-1829. To exploit the attack requires local access to the server system. The attack affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for...