11634 matches found
Apache Httpd < 2.4.52 : Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery)...
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...
Ubuntu 18.04 LTS : Python vulnerabilities (USN-5200-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5200-1 advisory. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially craft...
Directory traversal
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is...
UBUNTU-CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is...
CVE-2021-23797 Directory Traversal
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is...
CVE-2021-23797
CVE-2021-23797 affects the http-server-node package (all versions) with a Directory Traversal flaw exploitable via the --path-as-is option. The underlying issue is insufficient validation/handling of path parameters, enabling access to sensitive files and compromising confidentiality, integrity, ...
CVE-2021-23797
Removed by vendor...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with WebSphere Remote Server (CVE-2021-40438, CVE-2021-34798)
Summary: IBM HTTP Server is shipped with WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
USN-5202-1: OpenJDK vulnerabilities
Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information rudimentary por...
http-server-node Path Traversal Vulnerability
Http-Server-Node is an Http server by the individual developer Guro Beridze in Georgia. A security vulnerability exists in http-server-node due to a lack of effective restriction and filtering of directory permissions and path parameters. An attacker can exploit this vulnerability to obtain...
Oracle Linux 7 : httpd (ELSA-2021-9619)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9619 advisory. - scoreboard: fix null pointer deference Orabug: 33561206 CVE-2021-34798 Tenable has extracted the preceding description block directly from the Oracle...
Exploit for Path Traversal in Apache Http_Server
masscve-2021-41773 MASS CVE-2021-41773 Screenshot...
Fedora: Security Advisory for rust-tiny_http0.6 (FEDORA-2021-571e3ed33c)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-tiny_http0.6 (FEDORA-2021-c824326120)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-tiny_http (FEDORA-2021-571e3ed33c)
The remote host is missing an update for the...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with WebSphere Remote Server
Summary: IBM HTTP Server is shipped with WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with WebSphere Remote Server (CVE-2021-39275)
Summary: IBM HTTP Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
[SECURITY] Fedora 35 Update: rust-tiny_http-0.8.2-1.fc35
Low level HTTP server library...
[SECURITY] Fedora 35 Update: rust-tiny_http0.6-0.6.4-1.fc35
Low level HTTP server library...