Lucene search

11634 matches found

OpenVAS
added 2022/02/12 12:0 a.m., 31 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-1052)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.6 AI score, 0.11586 EPSS
Exploits: 2, References: 2
Tenable Nessus
added 2022/02/12 12:0 a.m., 41 views

EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2022-1069)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is...

9.8 CVSS, 7.3 AI score, 0.68067 EPSS
Exploits: 0, References: 5
IBM Security Bulletins
added 2022/02/11 2:57 a.m., 6 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM HTTP Server used by IBM Rational ClearQuest

Summary IBM HTTP Server (IHS) is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

0.7 AI score
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2022/02/11 12:0 a.m., 41 views

EulerOS Virtualization 3.0.6.0 : python2 (EulerOS-SA-2022-1051)

According to the versions of the python2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, w...

7.5 CVSS, 7 AI score, 0.11586 EPSS
Exploits: 2, References: 3
vulnersOsv
added 2022/02/10 10:38 p.m., 4 views

com.github.cchacin:cucumber-common-steps (>=0.0.2 <=0.1.8), com.github.httpmock:mock-http-server-junit (>=1.0.0 <=1.1.5) +217 more potentially affected by CVE-2020-1954 via org.apache.cxf:cxf-rt-management (>=2.0.6 <=3.2.12)

org.apache.cxf:cxf-rt-management MAVEN version =2.0.6, =0.0.2, =1.0.0, =1.0.0, =0.1.0, =2.0.0, =0.1.0, =1.0, =1.0.0, =2.2.24.11, =2.2.10, =2.2.7, =2.2.9.1, =2.2.7, =2.2.7, =2.2.23.1 and more Source cves: CVE-2020-1954 Source advisory: OSV:GHSA-FFM7-7R8G-77XM...

5.3 CVSS, 6.6 AI score, 0.06147 EPSS
Exploits: 0
NVD
added 2022/02/09 11:15 p.m., 37 views

CVE-2022-22532

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...

9.8 CVSS, 0.02335 EPSS
Exploits: 0, References: 2
Prion
added 2022/02/09 11:15 p.m., 25 views

Input validation

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This...

5 CVSS, 7.4 AI score, 0.01728 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2022/02/09 10:5 p.m., 38 views

CVE-2022-22532

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...

9.8 AI score, 0.02335 EPSS
Exploits: 0, References: 2
GithubExploit
added 2022/02/03 1:26 p.m., 258 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013-LAB Apache HTTP Server 2.4.50 - RCE Lab exp...

9.8 CVSS, 9.3 AI score, 0.99964 EPSS
Exploits: 62
NVD
added 2022/02/01 1:15 p.m., 19 views

CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

7.4 CVSS, 0.02667 EPSS
Exploits: 1, References: 2
OSV
added 2022/02/01 1:15 p.m., 15 views

CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

5.9 CVSS, 6.7 AI score
Exploits: 0, References: 2
CVE
added 2022/02/01 12:13 p.m., 69 views

CVE-2021-43848

CVE-2021-43848 concerns h2o, an open source HTTP server. Affects HTTP/3 support where, from commits 93af138 to d1f0f65, h2o may access uninitialized memory when processing QUIC frames, potentially treating such memory as HTTP/3 frames. In reverse proxy scenarios, an attacker could cause h2o to le...

7.4 CVSS, 5.9 AI score, 0.02667 EPSS
Exploits: 1, References: 2, Affected Software: 1
OpenVAS
added 2022/01/28 12:0 a.m., 30 views

Mageia: Security Advisory (MGASA-2018-0355)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 8.7 AI score, 0.02687 EPSS
Exploits: 0, References: 5
OpenVAS
added 2022/01/28 12:0 a.m., 40 views

Mageia: Security Advisory (MGASA-2019-0407)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS, 7.6 AI score, 0.81466 EPSS
Exploits: 6, References: 7
Tenable Nessus
added 2022/01/28 12:0 a.m., 40 views

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2022-1033)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the...

7.5 CVSS, 7.1 AI score, 0.11586 EPSS
Exploits: 2, References: 3
Tenable Nessus
added 2022/01/28 12:0 a.m., 45 views

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2022-1013)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the...

7.5 CVSS, 7.1 AI score, 0.11586 EPSS
Exploits: 2, References: 3
OpenVAS
added 2022/01/28 12:0 a.m., 42 views

Mageia: Security Advisory (MGASA-2020-0166)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1 CVSS, 6.8 AI score, 0.56691 EPSS
Exploits: 0, References: 5
OpenVAS
added 2022/01/28 12:0 a.m., 41 views

Mageia: Security Advisory (MGASA-2020-0327)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 9.2 AI score, 0.90039 EPSS
Exploits: 4, References: 5
RedHat Linux
added 2022/01/27 9:23 a.m., 64 views

Important: Red Hat Security Advisory: httpd24-httpd security update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

9.8 CVSS, 7.6 AI score, 0.97108 EPSS
Exploits: 4, References: 2
RedHat Linux
added 2022/01/26 2:39 p.m., 4 views

httpd: mod_lua: Possible buffer overflow when parsing multipart content

A buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability...

9.8 CVSS, 7.3 AI score, 0.97108 EPSS
Exploits: 4, References: 5