5773 matches found
CVE-2022-28614
An out-of-bounds read vulnerability was found in httpd. A very large input to the aprputs and aprwrite functions can lead to an integer overflow and result in an out-of-bounds read...
CVE-2022-28330
An out-of-bounds read vulnerability was found in the modisapi module of httpd. The issue occurs when httpd is configured to process requests with the modisapi module...
CVE-2022-26377
An HTTP request smuggling vulnerability was found in the modproxyajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests. Mitigation Disabling modproxyajp and restarting httpd will mitigate this flaw...
[slackware-security] httpd
New httpd packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.54-i586-1slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: modproxy...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1807)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-44080
A Command Injection vulnerability in httpd web server setup.cgi in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connectiontype parameter of the statussupportdiagnostictracing.json endpoint...
Command injection
A Command Injection vulnerability in httpd web server setup.cgi in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connectiontype parameter of the statussupportdiagnostictracing.json endpoint...
CLSA-2022-1654106630 Fixed CVEs in httpd-43.module_el8.5.0+2046+6f259f31.tuxcare.els4: CVE-2021-33193, CVE-2020-35452
CVE-2020-35452: modauthdigest: fix a single zero byte stack overflow 1968278 - CVE-2021-33193: fix request splitting via HTTP/2 method injection and modproxy 1972491...
CLSA-2022-1654106434 Fixed CVEs in httpd-39.module_el8.4.0+2047+54659116.1.tuxcare.els5: CVE-2020-35452, CVE-2021-33193
CVE-2020-35452: modauthdigest: fix a single zero byte stack overflow 1968278 - CVE-2021-33193: fix request splitting via HTTP/2 method injection and modproxy 1972491...
CVE-2021-44080
The CVE-2021-44080 entry affects SerComm h500s routers (FW lowi-h500s-v3.4.22). The vulnerability is a command-injection in the httpd web server’s setup.cgi, exploitable by a logged-in administrator via the connection_type parameter of the statussupport_diagnostic_tracing.json endpoint, enabling ...
CVE-2021-44080
A Command Injection vulnerability in httpd web server setup.cgi in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connectiontype parameter of the statussupportdiagnostictracing.json endpoint...
CVE-2022-30477
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...
CVE-2022-30476
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request...
CVE-2022-30474
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request...
CVE-2022-30477
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...
CVE-2022-30476
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request...
CVE-2022-30474
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request...
CVE-2022-30475
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request...
Stack overflow
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request...
Stack overflow
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request...