CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5773 matches found

CERT•added 2020/06/26 12:0 a.m.•22 views

Netgear httpd upgrade_check.cgi stack buffer overflow

Overview Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of upgradecheck.cgi, which may allow for unauthenticated remote code execution with root privileges. Description Many Netgear devices contain an embedded web server, which is provided by the httpd...

9.5AI score

Exploits0References4

Tenable Nessus•added 2020/06/25 12:0 a.m.•61 views

EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1692)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handli...

6.1CVSS6.6AI score0.56691EPSS

Exploits0References4

Veracode•added 2020/06/23 3:36 a.m.•33 views

Information Disclosure

httpd is vulnerable to information disclosure. The vulnerability exists through modproxyftp use of uninitialized value...

5.3CVSS0.2AI score0.51951EPSS

Exploits0References42Affected Software12

Tenable Nessus•added 2020/06/22 12:0 a.m.•84 views

RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 (RHSA-2020:2644)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2644 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This...

7.8CVSS7.8AI score0.51951EPSS

Exploits2References21

0day.today•added 2020/06/16 12:0 a.m.•141 views

Netgear R7000 Router - Remote Code Execution Exploit

Exploit for hardware platform in category web applications EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48588.zip Exploits a pre-authentication memcpy based stack buffer overflow vulnerability in httpd on several devices and versions: Devic...

0.6AI score

Exploits0

Zero Day Initiative•added 2020/06/15 12:0 a.m.•41 views

(0Day) NETGEAR R6700 httpd strtblupgrade Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...

8.8CVSS3.5AI score

Exploits0

Zero Day Initiative•added 2020/06/15 12:0 a.m.•54 views

(0Day) NETGEAR R6700 httpd Firmware Upload Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

8.8CVSS7.2AI score

Exploits0

Zero Day Initiative•added 2020/06/15 12:0 a.m.•25 views

(0Day) NETGEAR R6700 httpd strtblupgrade Stack-based Buffer Overflow Remote Code Execution Vulnerability

6.3CVSS3.8AI score

Exploits0

OpenVAS•added 2020/06/03 12:0 a.m.•43 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1601)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7AI score0.56691EPSS

Exploits0References2

Veracode•added 2020/05/27 3:19 a.m.•56 views

Open Redirects

httpd is vulnerable to open redirects. The vulnerability exists as modrewrite has potential open redirect...

6.1CVSS0.8AI score0.73981EPSS

Exploits1References31Affected Software2

RedHat Linux•added 2020/05/26 2:34 p.m.•191 views

Moderate: Red Hat Security Advisory: httpd24-httpd and httpd24-mod_md security and enhancement update

An update for httpd24-httpd and httpd24-modmd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.1CVSS6.6AI score0.73981EPSS

Exploits1References4

CNVD•added 2020/05/25 12:0 a.m.•2 views

Buffer overflow vulnerability in multiple Tenda products (CNVD-2020-31408)

The Tenda AC9, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in httpd in several Tenda products. The vulnerability can be exploited to execute arbitrary code by sending the 'deviceId' and 'time' parameters to the...

9.8CVSS8.3AI score0.03292EPSS

Exploits1References1

OSV•added 2020/05/22 5:15 p.m.•2 views

CVE-2020-13392

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19multiTD01, AC9 V1.0 V15.03.05.196318CN, AC9 V3.0 V15.03.06.42multi, AC15 V1.0 V15.03.05.19multiTD01, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the...

9.8CVSS8.1AI score0.02552EPSS

Exploits1References2

OSV•added 2020/05/22 5:15 p.m.•2 views

CVE-2020-13389

9.8CVSS8.1AI score0.02552EPSS

Exploits1References2

OSV•added 2020/05/22 5:15 p.m.•3 views

CVE-2020-13394

9.8CVSS6.6AI score0.02552EPSS

Exploits1References2