11634 matches found

OSV
added 2020/08/07 4:15 p.m. | 36 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

9.8 CVSS | 6.6 AI score
Exploits 0 | References 32
OSV
added 2020/08/07 4:15 p.m. | 6 views

DEBIAN-CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

7.5 CVSS | 6.6 AI score | 0.58716 EPSS
Exploits 2 | References 1
OSV
added 2020/08/07 4:15 p.m. | 49 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

7.5 CVSS | 6.7 AI score | 0.58716 EPSS
Exploits 2 | References 26
Prion
added 2020/08/07 4:15 p.m. | 29 views

Spoofing

IP address spoofing when proxying using mod_remoteip and mod_rewrite. For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...

4.3 CVSS | 5.3 AI score | 0.05884 EPSS
Exploits 0 | References 16 | Affected Software 1
Prion
added 2020/08/07 4:15 p.m. | 31 views

Information disclosure

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

7.5 CVSS | 9.2 AI score | 0.90039 EPSS
Exploits 2 | References 32 | Affected Software 12
UbuntuCve
added 2020/08/07 4:15 p.m. | 81 views

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in an HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability f...

7.5 CVSS | 7.2 AI score | 0.89744 EPSS
Exploits 0 | References 4
Prion
added 2020/08/07 4:15 p.m. | 41 views

Information disclosure

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

4.3 CVSS | 8.4 AI score | 0.58716 EPSS
Exploits 2 | References 26 | Affected Software 12
Prion
added 2020/08/07 4:15 p.m. | 44 views

Design/Logic Flaw

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in an HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability f...

5 CVSS | 7.3 AI score | 0.89744 EPSS
Exploits 0 | References 29 | Affected Software 25
UbuntuCve
added 2020/08/07 4:15 p.m. | 122 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

7.5 CVSS | 7 AI score | 0.58716 EPSS
Exploits 2 | References 4
UbuntuCve
added 2020/08/07 4:15 p.m. | 391 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

9.8 CVSS | 7 AI score | 0.90039 EPSS
Exploits 2 | References 7
CVE
added 2020/08/07 3:36 p.m. | 1543 views

CVE-2020-11985

CVE-2020-11985 – Apache HTTP Server spoofing via proxying with mod_remoteip and mod_rewrite is documented in the initial CVE entry and corroborated by connected sources. Affected behavior: an attacker could spoof their IP address for logs and PHP scripts when proxying through mod_remoteip with ce...

5.3 CVSS | 5.9 AI score | 0.05884 EPSS
Exploits 0 | References 16 | Affected Software 1
Cvelist
added 2020/08/07 3:36 p.m. | 40 views

CVE-2020-11985

IP address spoofing when proxying using mod_remoteip and mod_rewrite. For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...

6.1 AI score | 0.05884 EPSS
Exploits 0 | References 16
Debian CVE
added 2020/08/07 3:32 p.m. | 89 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

7.5 CVSS | 6.6 AI score | 0.58716 EPSS
Exploits 2
Cvelist
added 2020/08/07 3:32 p.m. | 74 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

8.7 AI score | 0.58716 EPSS
Exploits 2 | References 26
CVE
added 2020/08/07 3:32 p.m. | 3069 views

CVE-2020-11993

CVE-2020-11993 affects Apache HTTP Server 2.4.20–2.4.43: when trace/debug is enabled for the HTTP/2 module and certain traffic patterns, logging can be performed on the wrong connection, leading to concurrent use of memory pools. Mitigation in public advisories: set LogLevel for mod_http2 above i...

7.5 CVSS | 8.6 AI score | 0.58716 EPSS
In wild | Exploits 2 | References 26 | Affected Software 1
AlpineLinux
added 2020/08/07 3:32 p.m. | 66 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this...

7.5 CVSS | 8.8 AI score | 0.58716 EPSS
Exploits 2
Cvelist
added 2020/08/07 3:27 p.m. | 55 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

9.5 AI score | 0.90039 EPSS
Exploits 2 | References 32
Debian CVE
added 2020/08/07 3:27 p.m. | 160 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

9.8 CVSS | 6.6 AI score | 0.90039 EPSS
Exploits 2
AlpineLinux
added 2020/08/07 3:27 p.m. | 48 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE...

9.8 CVSS | 9.6 AI score | 0.90039 EPSS
Exploits 2
CVE
added 2020/08/07 3:27 p.m. | 11967 views

CVE-2020-11984

CVE-2020-11984 affects Apache HTTP Server mod_proxy_uwsgi. Based on the provided documents, it is a vulnerability in httpd’s uwsgi handling that can lead to information disclosure and potentially remote code execution. The vulnerability was reported for Apache HTTP Server versions around 2.4.32 t...

9.8 CVSS | 9.3 AI score | 0.90039 EPSS
In wild | Exploits 2 | References 32 | Affected Software 1