11649 matches found

Veracode
added 2019/05/16 3:38 a.m. | 47 views

Denial Of Service

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

CVSS 9.8 | AI score 7.6 | EPSS 0.90647
Exploits 0 | References 37 | Affected Software 10

Veracode
added 2019/05/16 3:38 a.m. | 52 views

Denial Of Service

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

CVSS 9.8 | AI score 7.6 | EPSS 0.90647
Exploits 0 | References 7 | Affected Software 10

Veracode
added 2019/05/16 3:38 a.m. | 49 views

Path Traversal

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...

CVSS 9.8 | AI score 7.6 | EPSS 0.90647
Exploits 0 | References 28 | Affected Software 9

Veracode
added 2019/05/16 3:21 a.m. | 35 views

Privilege Escalation

Apache HTTP Server is vulnerable to privilege escalation. The vulnerability exists due to an improper input validation flaw in an unknown code block of the component mod_session in the way it handles HTTP session headers in some configurations. A remote attacker could influence the...

CVSS 5.3 | AI score 7.3 | EPSS 0.10118
Exploits 0 | References 50 | Affected Software 14

Veracode
added 2019/05/16 3:21 a.m. | 48 views

Privilege Escalation

Apache HTTP Server is vulnerable to privilege escalation. This is because, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. An attacker could replay the HTTP requests across servers without...

CVSS 9.8 | AI score 7.6 | EPSS 0.15885
Exploits 0 | References 53 | Affected Software 14

Veracode
added 2019/05/16 3:21 a.m. | 43 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service (DoS) attacks. A remote user can send specially crafted HTTP/2 requests to cause worker processes to be allocated for 60 seconds longer than required, consuming excessive worker resources, causing worker exhaustion and an application crash...

CVSS 7.5 | AI score 6.3 | EPSS 0.17103
Exploits 0 | References 44 | Affected Software 12

Tenable Nessus
added 2019/05/15 12:00 a.m. | 63 views

Oracle Enterprise Manager Ops Center (Apr 2019 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution. CVE-2016-1000031 - An...

CVSS 9.8 | AI score 7.5 | EPSS 0.94999
Exploits 13 | References 13

IBM Security Bulletins
added 2019/05/14 5:10 p.m. | 56 views

Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM WebSphere Application Server Patterns (CVE-2019-0211 CVE-2019-0220)

Summary: IBM HTTP Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Please consult the following security bulletin for vulnerability...

CVSS 7.8 | AI score 0.9 | EPSS 0.65005
Exploits 8 | Affected Software 1

Fedora
added 2019/05/14 1:06 a.m. | 78 views

[SECURITY] Fedora 28 Update: httpd-2.4.39-1.1.fc28

The Apache HTTP Server is a powerful, efficient, and extensible web server...

CVSS 7.8 | AI score 1.1 | EPSS 0.65005
Exploits 8

Hacker One
added 2019/05/14 12:11 a.m. | 9 views

Node.js third-party modules: [larvitbase-www] Unintended Require

I would like to report Unintended Require vulnerability in larvitbase-www. It is similar to bug found here 566056 because the module is maintained by the same developer, but it is a different module and the code behind the vulnerability is different. It allows loading arbitrary non-production code ...

AI score 7.2
Exploits 0

Tenable Nessus
added 2019/05/14 12:00 a.m. | 60 views

EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities: - In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the...

CVSS 9.8 | AI score 7.2 | EPSS 0.94999
Exploits 13 | References 8

ThreatPost
added 2019/05/13 10:17 p.m. | 166 views

Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices

Cisco has disclosed an unpatched, high-severity vulnerability that impacts millions of devices, in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation. Cisco has also disclosed a similarly widely-impacting high-severity bug tha...

CVSS 9 | AI score 0.4 | EPSS 0.05516
Exploits 0 | References 6

NVD
added 2019/05/13 4:29 p.m. | 14 views

CVE-2018-4028

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1_SW_V1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...

CVSS 7.8 | AI score 5.9 | EPSS 0.01393
Exploits 1 | References 1

NVD
added 2019/05/13 4:29 p.m. | 29 views

CVE-2018-4018

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1_SW_V1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

CVSS 10 | AI score 9.5 | EPSS 0.02332
Exploits 1 | References 1

Prion
added 2019/05/13 4:29 p.m. | 22 views

Design/Logic Flaw

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1_SW_V1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

CVSS 10 | AI score 9.4 | EPSS 0.02332
Exploits 1 | References 1 | Affected Software 1

Prion
added 2019/05/13 4:29 p.m. | 9 views

Cross site request forgery (csrf)

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1_SW_V1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...

CVSS 7.8 | AI score 7.4 | EPSS 0.01393
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2019/05/13 3:40 p.m. | 16 views

CVE-2018-4028

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1_SW_V1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...

CVSS 5.3 | AI score 7.4 | EPSS 0.01393
Exploits 1 | References 1

CVE
added 2019/05/13 3:40 p.m. | 51 views

CVE-2018-4028

The CVE-2018-4028 issue affects the NT9665X chipset firmware in the Anker Roav A1 Dashcam (RoavA1_SW_V1.9). A vulnerability in the HTTP server could allow an attacker to overwrite the root directory via an HTTP POST, causing a denial of service. Talos details describe a firmware-update vulnerabil...

CVSS 7.8 | AI score 7.4 | EPSS 0.01393
Exploits 1 | References 1 | Affected Software 1

CVE
added 2019/05/13 3:40 p.m. | 91 views

CVE-2018-4018

CVE-2018-4018 affects the NT9665X Chipset firmware used in the Anker Roav A1 Dashcam (version RoavA1_SW_V1.9). The vulnerability arises from the HTTP server that handles firmware updates, allowing an attacker to upload arbitrary firmware binaries via HTTP PUT or upgrade requests, which are flashe...

CVSS 10 | AI score 9.4 | EPSS 0.02332
Exploits 1 | References 1 | Affected Software 1

Talos
added 2019/05/13 12:00 a.m. | 101 views

Novatek NT9665X HFS Overwrite denial-of-service vulnerability

Summary: An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1_SW_V1.9.” The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send a...

CVSS 7.8 | AI score 6.3 | EPSS 0.01393
Exploits 1