11634 matches found

Github Security Blog
added 2022/05/02 3:26 a.m. | 25 views

Directory traversal in Mort Bay Jetty

Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI...

CVSS 5 | AI score 7.1 | EPSS 0.25802
Exploits 0 | References 16 | Affected Software 1

IBM Security Bulletins
added 2022/04/29 7:27 p.m. | 57 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns due to Expat vulnerabilities

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the Expat library affecting the IBM HTTP Server used by IBM WebSphere Application Server CVE-2022-25313, CVE-2022-25315,...

CVSS 9.8 | AI score 7.3 | EPSS 0.33936
Exploits 1 | Affected Software 1

NVD
added 2022/04/29 5:15 p.m. | 15 views

CVE-2022-28994

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request...

CVSS 9.8 | EPSS 0.0218
Exploits 1 | References 1

Prion
added 2022/04/29 5:15 p.m. | 16 views

Buffer overflow

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request...

CVSS 7.5 | AI score 9.6 | EPSS 0.0218
Exploits 1 | References 1 | Affected Software 1

CVE
added 2022/04/29 4:17 p.m. | 98 views

CVE-2022-28994

CVE-2022-28994 affects Small HTTP Server, version 3.06. The vulnerability is a remote buffer overflow triggered by a long GET request in the HTTP server’s request handling. Exploitation could allow an attacker to cause memory corruption, potentially leading to a crash or code execution, depending...

CVSS 9.8 | AI score 9.6 | EPSS 0.0218
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2022/04/29 4:17 p.m. | 21 views

CVE-2022-28994

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request...

AI score 9.9 | EPSS 0.0218
Exploits 1 | References 1

OSV
added 2022/04/29 3:1 a.m. | 16 views

GHSA-P5RR-Q5G6-GM42 Jetty HTTP Server Denial of Service vulnerability

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service memory usage and application crash via HTTP requests with a large Content-Length...

CVSS 5 | AI score 6.3 | EPSS 0.01801
Exploits 0 | References 5

Github Security Blog
added 2022/04/29 3:1 a.m. | 37 views

Jetty HTTP Server Denial of Service vulnerability

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service memory usage and application crash via HTTP requests with a large Content-Length...

CVSS 5 | AI score 6.7 | EPSS 0.01801
Exploits 0 | References 6 | Affected Software 1

CNNVD
added 2022/04/29 12:0 a.m. | 3 views

Small HTTP Server security vulnerability

Small Http Server is a small Http server from the individual developer Max Feoktistov. A security vulnerability exists in Small Http Server version 3.06, which stems from a remote buffer overflow vulnerability caused by a long GET request...

CVSS 9.8 | AI score 8.6 | EPSS 0.0218
Exploits 1 | References 2

Tenable Nessus
added 2022/04/29 12:0 a.m. | 54 views

Amazon Linux AMI : httpd24 (ALAS-2022-1584)

The version of httpd24 installed on the remote host is prior to 2.4.53-1.96. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1584 advisory. A flaw was found in the modlua module of httpd. A crafted request body can cause a read to a random memory area due to ...

CVSS 9.8 | AI score 8.2 | EPSS 0.69803
Exploits 0 | References 9

Tenable Nessus
added 2022/04/27 12:0 a.m. | 95 views

Amazon Linux 2 : httpd (ALAS-2022-1783)

The version of httpd installed on the remote host is prior to 2.4.53-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1783 advisory. A flaw was found in the modlua module of httpd. A crafted request body can cause a read to a random memory area due to an...

CVSS 9.8 | AI score 8.2 | EPSS 0.69803
Exploits 0 | References 9

Tenable Nessus
added 2022/04/25 12:0 a.m. | 264 views

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2022-1569)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

CVSS 9.8 | AI score 8.4 | EPSS 0.69803
Exploits 0 | References 5

IBM Security Bulletins
added 2022/04/22 9:39 p.m. | 48 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the Expat library affecting the IBM HTTP Server used by IBM WebSphere Application Server CVE-2021-45960, CVE-2022-22822, CVE-2022-23990,...

CVSS 9.8 | AI score 1.3 | EPSS 0.04829
Exploits 2 | Affected Software 1

OpenVAS
added 2022/04/21 12:0 a.m. | 50 views

Slackware: Security Advisory (SSA:2021-280-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.4 | EPSS 0.99992
Exploits 173 | References 4

Tenable Nessus
added 2022/04/21 12:0 a.m. | 234 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 (RHSA-2022:1389)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1389 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This...

CVSS 9.8 | AI score 7.5 | EPSS 0.70561
Exploits 3 | References 18

OpenVAS
added 2022/04/21 12:0 a.m. | 35 views

Slackware: Security Advisory (SSA:2021-259-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.3 | EPSS 0.99999
Exploits 6 | References 4

RedHat Linux
added 2022/04/20 7:44 p.m. | 438 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security...

CVSS 9.8 | AI score 7.2 | EPSS 0.70561
Exploits 3 | References 9

RedHat Linux
added 2022/04/20 7:30 p.m. | 95 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 9.8 | AI score 7.2 | EPSS 0.70561
Exploits 3 | References 9

Tenable Nessus
added 2022/04/20 12:0 a.m. | 34 views

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1488)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixi...

CVSS 9.8 | AI score 8.2 | EPSS 0.97108
Exploits 4 | References 3

Tenable Nessus
added 2022/04/20 12:0 a.m. | 130 views

Oracle Enterprise Manager Ops Center (Apr 2022 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Web Server Apache HTTP Server...

CVSS 9 | AI score 7.8 | EPSS 0.99999
Exploits 19 | References 5