Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

80 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-13780

Malware in sbrugna...

6.5CVSS6.9AI score0.00167EPSS
Exploits0References3
Packet Storm
Packet Stormadded 2024/09/01 12:0 a.m.392 views

Apache Optionsbleed Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Optionsbleed Scanner', 'Description' = %q This module scans for the Apache optionsbleed vulnerability where the Allow response header...

7.5CVSS7.2AI score0.9384EPSS
Exploits9
Tenable Nessus
Tenable Nessusadded 2024/04/27 12:0 a.m.46 views

RHEL 6 / 7 : httpd24 (RHSA-2017:3018)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3018 advisory. - httpd: Use-after-free by limiting unregistered HTTP method Optionsbleed CVE-2017-9798 Note that Nessus has not tested for this issue but has...

7.5CVSS6.9AI score0.9384EPSS
Exploits9References15
F5 Networks
F5 Networksadded 2023/02/21 6:34 p.m.269 views

K70084351: Apache HTTPD vulnerability CVE-2017-9798

Security Advisory Description Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x...

7.5CVSS7.6AI score0.9384EPSS
Exploits9
OpenVAS
OpenVASadded 2022/08/26 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-3425-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.9384EPSS
Exploits9References2
OpenVAS
OpenVASadded 2022/04/21 12:0 a.m.36 views

Slackware: Security Advisory (SSA:2017-261-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.9384EPSS
Exploits9References3
VulnCheck KEV
VulnCheck KEVadded 2022/02/22 12:0 a.m.2 views

VulnCheck KEV: CVE-2017-9798

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...

7.5CVSS6.7AI score0.9384EPSS
Exploits9References1
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2018-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.9384EPSS
Exploits9References4
IBM Security Bulletins
IBM Security Bulletinsadded 2021/09/16 1:35 p.m.48 views

Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in IBM Http server

Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a specially crafted Content-Type response...

9.8CVSS1AI score0.9384EPSS
Exploits29Affected Software1
Tenable Nessus
Tenable Nessusadded 2020/12/10 12:0 a.m.60 views

IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 Multiple Vulnerabilities (298437)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities related to Apache, as follows: - Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certai...

7.5CVSS7AI score0.9384EPSS
Exploits12References3
IBM Security Bulletins
IBM Security Bulletinsadded 2020/07/19 12:49 a.m.47 views

Security Bulletin: Security vulnerability in Apache HTTP affects IBM SmartCloud Entry (CVE-2017-9798)

Summary IBM SmartCloud Entry has addressed the vulnerability in Apache HTTP. Following are the vulnerability details. Vulnerability Details CVEID: CVE-2017-9798 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS...

7.5CVSS0.1AI score0.9384EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2020/04/20 2:39 p.m.53 views

Security Bulletin: A Security vulnerability has been identified in Apache HTTP Server used by Rational Build Forge. (CVE-2017-9798)

Summary Apache HTTP Server has security vulnerability caused due to error in the HTTP Option method. Respective security vulnerability is discussed in detail in the subsequent section. Vulnerability Details CVEID: CVE-2017-9798 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obta...

7.5CVSS0.9384EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2019/12/18 2:26 p.m.55 views

Security Bulletin: Vulnerability CVE-2017-9798 in the IBM i HTTP Server affects IBM i.

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-9798 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sending a...

7.5CVSS1.6AI score0.9384EPSS
Exploits9Affected Software1
NVD
NVDadded 2019/06/17 3:15 p.m.9 views

CVE-2019-4173

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sending an OPTIONS HTTP request, a remote attacker could exploit this vulnerability to read secret data...

6.5CVSS6.2AI score0.00167EPSS
Exploits0References2
OSV
OSVadded 2019/06/17 3:15 p.m.1 views

CVE-2019-4173

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sending an OPTIONS HTTP request, a remote attacker could exploit this vulnerability to read secret data...

6.5CVSS6.8AI score0.00167EPSS
Exploits0References2
Prion
Prionadded 2019/06/17 3:15 p.m.16 views

Design/Logic Flaw

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sending an OPTIONS HTTP request, a remote attacker could exploit this vulnerability to read secret data...

4CVSS6.1AI score0.00167EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/06/17 3:10 p.m.8 views

CVE-2019-4173

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sending an OPTIONS HTTP request, a remote attacker could exploit this vulnerability to read secret data...

6.5CVSS6.1AI score0.00167EPSS
Exploits0References2
CVE
CVEadded 2019/06/17 3:10 p.m.49 views

CVE-2019-4173

IBM Cognos Controller versions 10.2.0–10.4.0 expose an HTTP OPTIONS (Optionsbleed) information-disclosure vulnerability that could allow a remote attacker to read secret data from process memory. Affected: 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.4.0. Root cause: flaw in handling the HTTP OPTIONS metho...

6.5CVSS6.6AI score0.00167EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2019/06/17 12:0 a.m.3 views

PT-2019-16948 · Ibm · Ibm Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.2.0 through 10.4.0 Description: A flaw in the HTTP OPTIONS method, also known as Optionsbleed, could allow a remote attacker to obtain sensitive information. By sending an OPTIONS HTTP request to the / API...

6.5CVSS6.6AI score0.00167EPSS
Exploits0References3
Veracode
Veracodeadded 2019/01/15 9:20 a.m.45 views

Use After Free

httpd24 is vulnerable to information disclosure attacks. The vulnerability exists as Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This...

7.5CVSS8.2AI score0.9384EPSS
Exploits9References84Affected Software15
Rows per page
Query Builder