EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1893)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in a security bulletin -- CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813,...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1867)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1867)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1843)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

Insecure Access Control

Apache HTTP Server has insecure access control. The vulnerability exists due to the system not sending the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism...

Buffer Overflow

Apache HTTP Server is vulnerable to buffer overflow. The vulnerability exists due to a lack of sanitization of the return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

Out-of-Bounds Read

Apache HTTP Server is vulnerable to out of bounds read. The vulnerability exists due to a memory corruption when configured to process requests with the modisapi module...

Siemens Apache HTTP Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Apache HTTP Server Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Write, Server-side Request Forgery SSRF 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

Apache HTTP Server mod_isapi Module Buffer Overflow Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server 2.4.53 and earlier versions, which stems from a boundary error in the...

Apache HTTP Server mod_sed denial of service vulnerability

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server modsed suffers from a denial-of-service vulnerability that stems from the fact that modsed may allocate too much memory and trigger an abort when modsed input is too large. An attacker could exploit thi...

Apache HTTP Server Data Forgery Issue Vulnerability (CNVD-2022-73123)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to a data forgery issue that stems from modproxy's X-Forwarded-For hop-by-hop mechanism discard. An attacker could use this vulnerability to bypass IP-based authentication on the source...

Apache HTTP Server 2.4.53 DoS Vulnerability - Windows

Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache HTTP Server < 2.4.54 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Apache HTTP Server Input Validation Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.53 and earlier, which stems from a failure to...

Apache HTTP Server HTTP请求走私漏洞

Apache HTTP Server is an open source web server from the American Apache Apache Foundation. The server is fast, reliable, and extensible via a simple API. HTTP request smuggling vulnerability exists in Apache HTTP Server modproxyajp. An attacker could exploit this vulnerability to smuggle request...

Apache HTTP Server Input Validation Error Vulnerability (CNVD-2022-51059)

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. Apache HTTP Server 2.4.53 and earlier versions are vulnerable to an input validation error. An attacker could exploit this vulnerability to read unexpected...

ALPINE-CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

CVE-2022-30556

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...