5762 matches found
Design/Logic Flaw
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296)...
CVE-2017-18412
CVE-2017-18412 affects cPanel before 67.9999.103, where mishandling during an account rename allows Apache HTTP Server log files to become world-readable (information disclosure). Root cause: improper access control on log files. Impact is limited to partial confidentiality breach as described; n...
CVE-2018-20932
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406)...
CVE-2018-20932 affects cPanel before 70.0.23. The issue arises when certain domains are created, causing exposure of Apache HTTP Server logs and resulting in potential information disclosure. The primary reference is SEC-406. Exploitation status and concrete fixes are not provided in the connecte...
CVE-2018-20885
cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416)...
Command injection
CVE-2018-20885 affects cPanel prior to 74.0.0 and is caused by Apache HTTP Server configuration injection due to DocumentRoot variable interpolation (SEC-416). The available documents identify the affected product version and the vulnerability class but do not provide details on exploitation atte...
CentOS Update for httpd CESA-2019:1898 centos7
The remote host is missing an update for the...
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
CentOS Errata and Security Advisory CESA-2019:1898. An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2019-0196;CVE-2019-0197;CVE-2019-0211;CVE-2019-0215;CVE-2019-0217; and CVE-2019-0220)
Summary: Apache HTTP Server has security vulnerabilities that allow a remote attacker to exploit the application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details: This section includes the vulnerability details that affect the Rational...
CVE-2019-13980
In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx...
Remote code execution
Directus 7 API (up to version 2.3.0) blocks PHP uploads only when using Apache; with nginx, uploads/_/originals can lead to remote code execution. No exploitation details are provided in the given documents beyond this risk description. Remediation/patch details are not included in the connected...
The vulnerability of the mod_http2 module in the Apache HTTP Server allows an attacker to cause a service failure or gain access to confidential information.
The vulnerability of the mod_http2 module in the Apache HTTP Server is related to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain access to confidential information by sending specially crafted requests...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1 Service Pack 7 security and bug fix update
An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1 Service Pack 7 security and bug fix update
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...
CVE-2014-9699
The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server...
Directory traversal