5771 matches found
Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 For more details about the security issues, including the impact,...
CLSA-2024-1723059198 httpd: Fix of 3 CVEs
CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix. - CVE-2024-40725: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-39884 fix...
Moderate: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: httpd
Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...
Fedora: Security Advisory (FEDORA-2024-de08df1535)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-7441 Vivotek SD9364 httpd read stack-based overflow
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack can be initiate...
CVE-2024-7441 Vivotek SD9364 httpd read stack-based overflow
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack can be initiate...
CVE-2024-7441
Vivotek SD9364 VVTK-0103f exposes a vulnerability in the httpd read function: manipulating Content-Length causes a stack-based buffer overflow. Exploitation is remote and the exploit has been publicly disclosed. Affected releases are end-of-life with no fix/version details provided in the availab...
CVE-2024-7439 Vivotek CC8160 httpd read stack-based overflow
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotel...
CVE-2024-7439 Vivotek CC8160 httpd read stack-based overflow
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotel...
K000140505: Apache HTTPD vulnerability CVE-2024-38473
Security Advisory Description Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixe...
Vivotek SD9364 安全漏洞
Vivotek SD9364 is a high-speed camera from China VIVOTEK Communications Vivotek. A security vulnerability exists in Vivotek SD9364 VVTK-0103f, which originates from the parameter Content-Llong of the component httpd that can cause a stack-based buffer overflow...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 7 : httpd (RHSA-2024:4938)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4938 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...
CVE-2024-33365
Buffer Overflow vulnerability in Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn allows a remote attacker to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...
Tenda AC10 安全漏洞
Tenda AC10 is a wireless router from Tenda China. A security vulnerability exists in the Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn version. A remote attacker can exploit this vulnerability to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...
CVE-2024-33365
Buffer Overflow vulnerability in Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn allows a remote attacker to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...
CVE-2024-33365
CVE-2024-33365 describes a buffer overflow in the Tenda AC10, version US_AC10V4.0si_V16.03.10.20_cn, where the remote attacker can execute arbitrary code through the bin/httpd component’s Virtual_Data_Check function. Root cause: overflow in that function. Impact: allows remote code execution with...
[SECURITY] Fedora 39 Update: mod_http2-2.0.29-1.fc39
The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...