11646 matches found
undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed
A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUESTLOGGER.undertowRequestFailedt, exchange...
CVE-2019-0197
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...
undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed
A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUESTLOGGER.undertowRequestFailedt, exchange...
undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed
A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUESTLOGGER.undertowRequestFailedt, exchange...
Fedora Update for php FEDORA-2019-8c4b25b5ec
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for php FEDORA-2019-be4f895015
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server used in IBM WebSphere Application Server in IBM Cloud (CVE-2019-0211 CVE-2019-0220)
Summary There are multiple vulnerabilities in the IBM HTTP Server used by WebSphere Application Server. Apache HTTP Server could provide weaker than expected security, caused by URL normalization inconsistencies. Apache HTTP Server could allow a local authenticated attacker to gain elevated...
Path Traversal in angular-http-server
Versions of angular-http-server before 1.4.4 are vulnerable to path traversal. Recommendation Update to version 1.4.4 or later...
GHSA-VMHW-FHJ6-M3G5 Path Traversal in angular-http-server
Versions of angular-http-server before 1.4.4 are vulnerable to path traversal. Recommendation Update to version 1.4.4 or later...
RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 (RHSA-2019:1297)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1297 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update
An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update
Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 zip release for RHEL 6 and RHEL 7 is available. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2019-0211, CVE-2019-0220)
Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
CVE-2019-11231
An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...
CVE-2019-11231
GetSimple CMS
CVE-2019-11231
An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...
Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution Exploit
Exploit for java platform in category web applications / Exploit Title: Brocade Network Advisor - Unauthenticated Remote Code Execution Date: 2017-03-29 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.broadcom.com/ CVE: CVE-2018-6443 Version: Tested on Brocade Network Advisor 14.X....
Denial Of Service
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...
Path Traversal
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...
Denial Of Service
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...