
11652 matches found

Fedora
added 2019/03/29 7:26 p.m. · 12 views

[SECURITY] Fedora 30 Update: php-7.3.3-1.fc30

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

0.4 AI score
Exploits 0
IBM Security Bulletins
added 2019/03/28 7:0 a.m. · 42 views

Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2019-0190; CVE-2018-17189; CVE-2018-17199)

Summary Apache HTTP Server has security vulnerabilities that allows a remote attacker to exploit the application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details This section includes the vulnerability details that affects the Rational...

7.5 CVSS · 0.5 AI score · 0.59942 EPSS
Exploits 0 · Affected Software 1
Gentoo Linux
added 2019/03/28 12:0 a.m. · 160 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache. Please review the CVE identifiers referenced below for details. Impact A remote attacker can possibly cause a Denial of Service condition ...

9.8 CVSS · 2 AI score · 0.59942 EPSS
Exploits 0
Metasploit
added 2019/03/24 12:1 p.m. · 18 views

ES File Explorer Open Port

This module connects to ES File Explorer's HTTP server to run certain commands. The HTTP server is started on app launch, and is available as long as the app is open. Version 4.1.9.7.4 and below are reported vulnerable This module has been tested against 4.1.9.5.1. This module requires Metasploit...

8.1 CVSS · 7 AI score · 0.6202 EPSS
Exploits 8
Hacker One
added 2019/03/21 4:53 p.m. · 29 views

Mail.ru: touch.mail.ru / e.mail.ru memory content disclosure

An invalid handling of NUL byte in API request led to disclosure of HTTP server memory region. The root cause of this bug is tracked to nginx+openresty. An advisory is below: Insecure implementation of nginx rewrite / OpenResty ngx.req.seturi + memory content leak in nginx. OpenResty is LUA engin...

0.1 AI score
Exploits 0
Positive Technologies
added 2019/03/20 12:0 a.m. · 9 views

PT-2019-3473 · Apache +8 · Apache Traffic Server +9

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions affected versions not specified Apache HTTP Server versions affected versions not specified Node.js versions affected versions not specified Description: The issue is related to errors in the mechanism controlli...

9.8 CVSS · 6.5 AI score · 0.96436 EPSS
Exploits 106 · References 722
exploitpack
added 2019/03/19 12:0 a.m. · 32 views

Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML

Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML !-- Windows: Windows: IE11 VBScript execution policy bypass in MSHTML Platform: Windows 10 1809 not tested earlier Class: Security Feature Bypass Summary: MSHTML only checks for the CLSID associated with VBScript when...

0.2 AI score
Exploits 0
OpenVAS
added 2019/03/16 12:0 a.m. · 29 views

Fedora Update for php FEDORA-2019-efa799fd16

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS · 7.1 AI score · 0.07065 EPSS
Exploits 0 · References 2
Fedora
added 2019/03/15 6:31 p.m. · 35 views

[SECURITY] Fedora 29 Update: php-7.2.16-1.fc29

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS · 0.4 AI score · 0.07065 EPSS
Exploits 0
Fedora
added 2019/03/15 3:36 a.m. · 127 views

[SECURITY] Fedora 28 Update: php-7.2.16-1.fc28

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS · 0.4 AI score · 0.07065 EPSS
Exploits 0
OSV
added 2019/03/14 9:39 p.m. · 20 views

MGASA-2019-0109 Updated apache packages fix security vulnerability

By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 mod_http2 connections in Apache HTTP Server versions 2.4.37 and prior CVE-2018-17189. In Apache HTTP Serv...

7.5 CVSS · 6.4 AI score · 0.19994 EPSS
Exploits 0 · References 4
IBM Security Bulletins
added 2019/03/13 8:35 p.m. · 52 views

Security Bulletin: Security vulnerability in the IBM HTTP Server (CVE-2018-17199)

Summary There is a vulnerability in the IBM HTTP Server used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2018-17199 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by checking the session expiry time before decoding the...

7.5 CVSS · 1.1 AI score · 0.19994 EPSS
Exploits 0 · Affected Software 1
Tenable Nessus
added 2019/03/12 12:0 a.m. · 51 views

Amazon Linux AMI : httpd24 (ALAS-2019-1166)

In Apache HTTP server by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 mod_http2 connections. CVE-2018-17189 A bug exists in the way mod_ssl handled client...

7.5 CVSS · 6.3 AI score · 0.59942 EPSS
Exploits 0 · References 4
Kaspersky
added 2019/02/28 12:0 a.m. · 48 views

KLA12364 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in mod_session_cookie can be exploited to spoof user interface. 2...

7.5 CVSS · 7.3 AI score · 0.59942 EPSS
Exploits 0 · References 3
exploitpack
added 2019/02/25 12:0 a.m. · 61 views

Jenkins Plugin Script Security 1.49Declarative 1.3.4Groovy 2.60 - Remote Code Execution

Jenkins Plugin Script Security 1.49Declarative 1.3.4Groovy 2.60 - Remote Code Execution !/usr/bin/env python Exploit Title : jenkins-preauth-rce-exploit.py Date : 02/23/2019 Authors : wetw0rk & 0xtavian Vendor Homepage : https://jenkins.oi Software Link : https://jenkins.io/download/ Tested on :...

6.5 CVSS · 8.4 AI score · 0.98428 EPSS
Exploits 17
Apache Httpd
added 2019/02/22 12:0 a.m. · 137 views

Apache Httpd < 2.4.39 : Apache HTTP Server privilege escalation from modules' scripts

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8 CVSS · 1.7 AI score · 0.65005 EPSS
Exploits 8 · Affected Software 1
IBM Security Bulletins
added 2019/02/20 10:0 p.m. · 59 views

Security Bulletin: Vulnerabilities CVE-2018-17199, CVE-2018-17189, and CVE-2019-0190 in the IBM i HTTP Server affect IBM i.

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-0190 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the improper handling of client negotiations by mod_ssl. By sending a specially crafted...

7.5 CVSS · 1.2 AI score · 0.59942 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2019/02/19 5:50 p.m. · 41 views

Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)

Summary There are multiple vulnerabilities in the IBM HTTP Server used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2018-1301 DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by an out-of-bounds access error after a header size limit has been reached...

8.1 CVSS · 0.4 AI score · 0.86006 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2019/02/19 5:40 p.m. · 32 views

Security Bulletin: Information disclosure in IBM HTTP Server (CVE-2017-12613)

Summary There is a potential information disclosure in IBM HTTP Server used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2017-12613 DESCRIPTION: Apache Portable Runtime APR could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds array...

7.1 CVSS · 0.4 AI score · 0.01749 EPSS
Exploits 0 · Affected Software 1
Tenable Nessus
added 2019/02/19 12:0 a.m. · 385 views

RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 (RHSA-2019:0367)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0367 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

9.8 CVSS · 6.7 AI score · 0.90647 EPSS
Exploits 0 · References 26