11646 matches found

RedHat Linux
added 2019/06/11 3:32 p.m., 2 views

undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange...

9.8 CVSS, 5.8 AI score, 0.03412 EPSS
Exploits 0, References 4
UbuntuCve
added 2019/06/11 12:0 a.m., 48 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9 CVSS, 6.7 AI score, 0.08441 EPSS
Exploits 0, References 3
RedHat Linux
added 2019/06/10 4:51 p.m., 3 views

undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange...

9.8 CVSS, 5.8 AI score, 0.03412 EPSS
Exploits 0, References 4
RedHat Linux
added 2019/06/10 4:41 p.m., 2 views

undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange...

9.8 CVSS, 5.8 AI score, 0.03412 EPSS
Exploits 0, References 4
OpenVAS
added 2019/06/09 12:0 a.m., 82 views

Fedora Update for php FEDORA-2019-8c4b25b5ec

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1 CVSS, 7.9 AI score, 0.04332 EPSS
Exploits 3, References 2
OpenVAS
added 2019/06/06 12:0 a.m., 94 views

Fedora Update for php FEDORA-2019-be4f895015

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1 CVSS, 7.8 AI score, 0.0313 EPSS
Exploits 1, References 2
IBM Security Bulletins
added 2019/06/04 2:35 p.m., 30 views

Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server used in IBM WebSphere Application Server in IBM Cloud (CVE-2019-0211 CVE-2019-0220)

Summary There are multiple vulnerabilities in the IBM HTTP Server used by WebSphere Application Server. Apache HTTP Server could provide weaker than expected security, caused by URL normalization inconsistencies. Apache HTTP Server could allow a local authenticated attacker to gain elevated...

7.8 CVSS, 1.1 AI score, 0.65005 EPSS
Exploits 8, Affected Software 1
Github Security Blog
added 2019/05/31 11:46 p.m., 14 views

Path Traversal in angular-http-server

Versions of angular-http-server before 1.4.4 are vulnerable to path traversal. Recommendation Update to version 1.4.4 or later...

3.8 AI score
Exploits 0, References 4, Affected Software 1
OSV
added 2019/05/31 11:46 p.m., 21 views

GHSA-VMHW-FHJ6-M3G5 Path Traversal in angular-http-server

Versions of angular-http-server before 1.4.4 are vulnerable to path traversal. Recommendation Update to version 1.4.4 or later...

7.5 CVSS, 7.1 AI score
Exploits 0, References 4
Tenable Nessus
added 2019/05/31 12:0 a.m., 1317 views

RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 (RHSA-2019:1297)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1297 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

7.8 CVSS, 7.2 AI score, 0.65005 EPSS
Exploits 9, References 9
RedHat Linux
added 2019/05/30 2:57 p.m., 166 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update

An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

7.8 CVSS, 6.8 AI score, 0.65005 EPSS
Exploits 9, References 5
RedHat Linux
added 2019/05/30 2:48 p.m., 158 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.29 Service Pack 2 zip release for RHEL 6 and RHEL 7 is available. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

7.8 CVSS, 6.8 AI score, 0.65005 EPSS
Exploits 9, References 6
IBM Security Bulletins
added 2019/05/29 6:35 p.m., 49 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2019-0211, CVE-2019-0220)

Summary IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...

7.8 CVSS, 0.8 AI score, 0.65005 EPSS
Exploits 8, Affected Software 1
OSV
added 2019/05/22 6:29 p.m., 18 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. Insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

9.8 CVSS, 7.1 AI score
Exploits 0, References 2
CVE
added 2019/05/22 5:5 p.m., 151 views

CVE-2019-11231

GetSimple CMS

9.8 CVSS, 9.6 AI score, 0.71598 EPSS
Exploits 5, References 2, Affected Software 1
Cvelist
added 2019/05/22 5:5 p.m., 36 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. Insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

9.7 AI score, 0.71598 EPSS
Exploits 5, References 2
0day.today
added 2019/05/21 12:0 a.m., 766 views

Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution Exploit

Exploit for java platform in category web applications / Exploit Title: Brocade Network Advisor - Unauthenticated Remote Code Execution Date: 2017-03-29 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.broadcom.com/ CVE: CVE-2018-6443 Version: Tested on Brocade Network Advisor 14.X....

4.3 CVSS, 8.1 AI score, 0.07395 EPSS
Exploits 4
Veracode
added 2019/05/16 3:38 a.m., 47 views

Denial Of Service

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

9.8 CVSS, 7.6 AI score, 0.90647 EPSS
Exploits 0, References 37, Affected Software 10
Veracode
added 2019/05/16 3:38 a.m., 49 views

Path Traversal

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

9.8 CVSS, 7.6 AI score, 0.90647 EPSS
Exploits 0, References 28, Affected Software 9
Veracode
added 2019/05/16 3:38 a.m., 52 views

Denial Of Service

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

9.8 CVSS, 7.6 AI score, 0.90647 EPSS
Exploits 0, References 7, Affected Software 10