Lucene search
K

11648 matches found

Cent OS
Cent OS
added 2019/04/16 7:39 p.m.191 views

mod_auth_mellon security update

CentOS Errata and Security Advisory CESA-2019:0766 An update for modauthmellon is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.1CVSS6.8AI score0.02969EPSS
Exploits1References7
OSV
OSV
added 2019/04/16 8:27 a.m.15 views

OPENSUSE-SU-2019:1209-1 Security update for apache2

This update for apache2 fixes the following issues: CVE-2019-0211: A flaw in the Apache HTTP Server allowed less-privileged child processes or threads to execute arbitrary code with the privileges of the parent process. Attackers with control over CGI scripts or extension modules run by the serve...

7.8CVSS7.4AI score0.65005EPSS
Exploits8References11
Tenable Nessus
Tenable Nessus
added 2019/04/16 12:0 a.m.48 views

Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by vulnerabilities as noted in the October 2018 CPU advisory: - A vulnerability exists in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener curl. The affected version is 12.2.1.3. This...

9.8CVSS7.1AI score0.12058EPSS
Exploits0References6
Check Point Advisories
Check Point Advisories
added 2019/04/15 12:0 a.m.39 views

Apache HTTP Server File Upload Privilege Escalation (CVE-2019-0211)

A privilege escalation vulnerability exists in Apache HTTP Server. A remote attacker may exploit this vulnerability to execute arbitrary code with administrator privileges...

7.2CVSS2.5AI score0.65005EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2019/04/11 11:59 a.m.342 views

Important: Red Hat Security Advisory: httpd24-httpd and httpd24-mod_auth_mellon security update

An update for httpd24-httpd and httpd24-modauthmellon is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS7AI score0.65005EPSS
Exploits9References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/11 12:0 a.m.142 views

Security update for apache2 (important)

openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2019:1190-1 Rating: important References: 1131233 1131237 1131239 1131241 1131245 Cross-References: CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 Affected Products: openSUSE Leap 42.3 An...

7.8CVSS8.7AI score0.65005EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2019/04/10 12:0 a.m.51 views

Amazon Linux AMI : httpd24 (ALAS-2019-1189)

In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulating the scoreboar...

7.8CVSS6.9AI score0.65005EPSS
Exploits8References7
NVD
NVD
added 2019/04/08 10:29 p.m.32 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS8AI score0.65005EPSS
Exploits8References52
Prion
Prion
added 2019/04/08 10:29 p.m.31 views

Code injection

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.2CVSS7.8AI score0.65005EPSS
Exploits8References51Affected Software5
OSV
OSV
added 2019/04/08 10:29 p.m.40 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS7.8AI score0.65005EPSS
Exploits8References52
OSV
OSV
added 2019/04/08 10:29 p.m.2 views

ALPINE-CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS7.4AI score0.65005EPSS
Exploits8References1
Vulnrichment
Vulnrichment
added 2019/04/08 9:31 p.m.14 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.5AI score0.65005EPSS
Exploits8References51
AlpineLinux
AlpineLinux
added 2019/04/08 9:31 p.m.46 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS7.5AI score0.65005EPSS
Exploits8
Cvelist
Cvelist
added 2019/04/08 9:31 p.m.50 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.2AI score0.65005EPSS
Exploits8References51
CVE
CVE
added 2019/04/08 9:31 p.m.14634 views

CVE-2019-0211

CVE-2019-0211 affects Apache HTTP Server 2.4.17–2.4.38 when using MPM event, worker, or prefork. The issue arises from code executing in less-privileged child processes/threads (including in-process scripting interpreters) that could be exploited to run arbitrary code with the privileges of the p...

7.8CVSS7.2AI score0.65005EPSS
In wildExploits8References52Affected Software1
Debian CVE
Debian CVE
added 2019/04/08 9:31 p.m.72 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS7.2AI score0.65005EPSS
Exploits8
Prion
Prion
added 2019/04/08 9:29 p.m.36 views

Race condition

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

6CVSS7.3AI score0.17666EPSS
Exploits0References39Affected Software10
NVD
NVD
added 2019/04/08 9:29 p.m.31 views

CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

7.5CVSS7.5AI score0.17666EPSS
Exploits0References39
OSV
OSV
added 2019/04/08 9:29 p.m.29 views

CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

7.5CVSS7.4AI score
Exploits0References39
OSV
OSV
added 2019/04/08 8:29 p.m.31 views

CVE-2019-0215

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions...

7.5CVSS6.5AI score
Exploits0References29
Rows per page
Query Builder