Lucene search
K

11652 matches found

CNVD
CNVD
added 2019/04/03 12:0 a.m.1 views

Apache HTTP Server Access Bypass Vulnerability

Apache HTTP Server is the United States Apache Apache Software Foundation of an open source web server . An access bypass vulnerability exists in Apache HTTP Server. It allows an attacker to bypass certain security restrictions and perform unauthorized operations...

7.5CVSS6.9AI score0.10508EPSS
Exploits0References1
ALT Linux
ALT Linux
added 2019/04/03 12:0 a.m.56 views

Security fix for the ALT Linux 8 package apache2 version 1:2.4.39-alt1

1:2.4.39-alt1 built April 3, 2019 Anton Farygin in task 226418 April 2, 2019 Anton Farygin - 2.4.39 - fixes: Apache HTTP Server privilege escalation from modules scripts. CVE-2019-0211 modauthdigest access control bypass. CVE-2019-0217 modssl access control bypass. CVE-2019-0215 Apache httpd URL...

7.2CVSS7.4AI score0.65005EPSS
Exploits8
CNVD
CNVD
added 2019/04/03 12:0 a.m.44 views

Apache HTTP Server Remote Vulnerability

Apache HTTP Server is the United States Apache Apache Software Foundation of an open source web server . A remote vulnerability exists in Apache HTTP Server. An attacker can exploit the vulnerability to perform unauthorized operations...

5.3CVSS9.5AI score0.1786EPSS
Exploits0References1
myhack58
myhack58
added 2019/04/03 12:0 a.m.135 views

Apache HTTP Server components to mention the right vulnerability alerts-a vulnerability alert-the black bar safety net

Recently, the Aapche HTTP Server official release of the Aapche HTTP Server 2.4.39 version update, this version fixes a bug number for CVE-2019-0211 mention the right vulnerability, the vulnerability rating of high risk, according to Sangfor security team, the vulnerabilities impact severity, the...

0.65005EPSS
Exploits8
CNVD
CNVD
added 2019/04/03 12:0 a.m.36 views

Apache HTTP Server Local Elevation of Privilege Vulnerability

Apache HTTP Server is the United States Apache Apache Software Foundation of an open source web server . A local elevation of privilege vulnerability exists in Apache HTTP Server. An attacker could exploit the vulnerability to gain elevated privileges on an affected application...

7.8CVSS7.1AI score0.65005EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2019/04/03 12:0 a.m.94 views

Debian: Security Advisory (DLA-1748-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.1786EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2019/04/02 5:38 p.m.229 views

New Apache Web Server Bug Threatens Security of Shared Web Hosts

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in...

7.8CVSS0.65005EPSS
Exploits8
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/02 4:35 p.m.60 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2018-17199)

Summary IBM HTTP Server IHS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting IHS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products an...

7.5CVSS0.9AI score0.19994EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2019/04/02 11:19 a.m.67 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS1AI score0.1786EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/04/02 10:50 a.m.49 views

CVE-2019-0215

A flaw was found in Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38. A bug in modssl, when using per-location client certificate verification with TLSv1.3, allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. An attacker could perform vario...

7.5CVSS2.2AI score0.10508EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/04/02 12:0 a.m.50 views

CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

7.5CVSS7AI score0.17666EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/04/02 12:0 a.m.134 views

CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS7.1AI score0.65005EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.40 views

EulerOS 2.0 SP2 : httpd (EulerOS-SA-2019-1113)

According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expir...

7.5CVSS6.4AI score0.19994EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.48 views

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2019-1137)

According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expir...

7.5CVSS6.4AI score0.19994EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/04/02 12:0 a.m.47 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.4AI score0.1786EPSS
Exploits0References3
OSV
OSV
added 2019/04/02 12:0 a.m.2 views

UBUNTU-CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.3AI score0.1786EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2019/04/01 12:0 a.m.58 views

KLA12365 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service...

7.8CVSS9.5AI score0.65005EPSS
Exploits8References3
Symantec
Symantec
added 2019/04/01 12:0 a.m.502 views

Apache HTTP Server CVE-2019-0211 Local Privilege Escalation Vulnerability

Description Apache HTTP Server is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the affected application. Apache HTTP Server versions 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25,...

7.2CVSS0.7AI score0.65005EPSS
Exploits8References4Affected Software5
Positive Technologies
Positive Technologies
added 2019/04/01 12:0 a.m.3 views

PT-2019-1764

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.17 through 2.4.38 Description The vulnerability is related to insufficient access control in the MPM module of the Apache HTTP Server, allowing an attacker to execute arbitrary code with root privileges by...

7.8CVSS8.2AI score0.65005EPSS
Exploits8References118
FreeBSD
FreeBSD
added 2019/04/01 12:0 a.m.77 views

Apache -- Multiple vulnerabilities

The Apache httpd Project reports: Apache HTTP Server privilege escalation from modules' scripts CVE-2019-0211 important modauthdigest access control bypass CVE-2019-0217 important modssl access control bypass CVE-2019-0215 important modhttp2, possible crash on late upgrade CVE-2019-0197 low...

7.8CVSS1.4AI score0.65005EPSS
Exploits8References2
Rows per page
Query Builder