Lucene search
K

85 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.1 views

RHEL 9 : mod_security (RHSA-2025:13775)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13775 advisory. ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Denial of...

7.5CVSS8.1AI score0.0076EPSS
Exploits1References5
OSV
OSV
added 2025/08/06 12:15 a.m.8 views

AZL-66087 CVE-2025-54571 affecting package mod_security 2.9.7-8

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrate...

6.9CVSS5.8AI score0.00263EPSS
Exploits1References1
OSV
OSV
added 2025/08/06 12:15 a.m.7 views

AZL-66111 CVE-2025-54571 affecting package mod_security 2.9.4-1

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrate...

6.9CVSS5.8AI score0.00263EPSS
Exploits1References1
OSV
OSV
added 2025/07/11 12:17 p.m.3 views

OESA-2025-1753 mod_security security update

Security Fixes: A vulnerability was found in OWASP ModSecurity 2.9.8/2.9.10 and classified as critical.Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary...

6.5CVSS6.8AI score0.00346EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/07/07 12:0 a.m.7 views

apache2-mod_security2-2.9.11-1.1 on GA media (moderate)

apache2-modsecurity2-2.9.11-1.1 on GA media Announcement ID: openSUSE-SU-2025:15313-1 Rating: moderate Cross-References: CVE-2025-52891 CVSS scores: CVE-2025-52891 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-52891 SUSE : 8.2...

8.2CVSS9.5AI score0.00346EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/06/25 12:0 a.m.5 views

Mageia: Security Advisory (MGASA-2025-0192)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.0076EPSS
Exploits2References5
Amazon
Amazon
added 2025/06/12 12:0 a.m.5 views

Important: mod_security

Issue Overview: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json,...

7.5CVSS6.8AI score0.0076EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/06/12 12:0 a.m.6 views

Amazon Linux 2 : mod_security (ALAS-2025-2887)

The version of modsecurity installed on the remote host is prior to 2.9.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2887 advisory. ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions...

7.5CVSS7.7AI score0.0076EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2025/06/11 10:57 a.m.7 views

Important: Red Hat Security Advisory: mod_security security update

An update for modsecurity is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.5CVSS7.4AI score0.00586EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2025/06/11 12:0 a.m.5 views

mod_security security update

2.9.6-2 - add fix for CVE-2025-47947 - Resolves: RHEL-93005...

7.5CVSS7.4AI score0.00586EPSS
Exploits1
OSV
OSV
added 2025/06/11 12:0 a.m.4 views

ALSA-2025:8844 Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.5AI score0.00586EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/06/09 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2025-719f4a7313)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.00586EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2025/06/09 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2025-7faa0bc6e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.00586EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/07 12:0 a.m.6 views

Fedora 42 : mod_security (2025-7faa0bc6e5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7faa0bc6e5 advisory. This update includes modsecurity version 2.9.9 which addresses CVE-2025-47947 and includes various bug fixes. See...

7.5CVSS7.8AI score0.00586EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/06/04 12:0 a.m.4 views

apache2-mod_security2-2.9.10-1.1 on GA media (moderate)

apache2-modsecurity2-2.9.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15197-1 Rating: moderate Cross-References: CVE-2025-47947 CVE-2025-48866 CVSS scores: CVE-2025-47947 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-47947 SUSE : 8.7...

8.7CVSS7.5AI score0.0076EPSS
Exploits2
OSV
OSV
added 2025/05/21 10:15 p.m.5 views

AZL-62426 CVE-2025-47947 affecting package mod_security 2.9.7-8

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json, and there is at...

7.5CVSS6.8AI score0.00586EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.11 views

mod_security_crs bug fix and enhancement update

An update is available for modsecuritycrs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

6.8AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2025/01/29 12:0 a.m.3 views

apache2-mod_security2-2.9.8-2.1 on GA media (moderate)

apache2-modsecurity2-2.9.8-2.1 on GA media Announcement ID: openSUSE-SU-2025:14703-1 Rating: moderate Cross-References: CVE-2022-48279 CVSS scores: CVE-2022-48279 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability...

7.5CVSS7.3AI score0.01169EPSS
Exploits0
OSV
OSV
added 2024/06/15 12:0 a.m.21 views

OPENSUSE-SU-2024:10034-1 apache2-mod_security2-2.9.0-5.6 on GA media

These are all security issues fixed in the apache2-modsecurity2-2.9.0-5.6 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.5AI score0.13719EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 7 : mod_security (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modsecurity: incorrect parsing of HTTP multipart requests leads to web application firewall bypass CVE-2022-48279...

7.7AI score0.01169EPSS
Exploits0References1
Rows per page
Query Builder