CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5762 matches found

RedHat Linux•added 2019/05/07 4:20 a.m.•34 views

Important: Red Hat Security Advisory: mod_auth_mellon security update

An update for modauthmellon is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.1CVSS7.3AI score0.02969EPSS

Exploits1References2

RedHat Linux•added 2019/05/07 4:19 a.m.•61 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS7AI score0.65005EPSS

Exploits8References3

Tenable Nessus•added 2019/05/07 12:0 a.m.•27 views

RHEL 8 : mod_auth_mellon (RHSA-2019:0985)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:0985 advisory. The modauthmellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants...

8.1CVSS7.7AI score0.02969EPSS

Exploits1References4

BDU FSTEC•added 2019/05/07 12:0 a.m.•3 views

The vulnerability of the Apache HTTP Server web server, related to uncontrolled resource consumption, allows attackers to cause service interruptions.

The vulnerability of the Apache HTTP Server is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions when connecting via HTTP/2 modhttp2...

5.3CVSS6.5AI score0.19404EPSS

Exploits0References8Affected Software6

OpenVAS•added 2019/05/07 12:0 a.m.•92 views

Fedora Update for php FEDORA-2019-da36d5d484

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.1AI score0.07065EPSS

Exploits0References2

OpenVAS•added 2019/05/07 12:0 a.m.•98 views

Fedora Update for httpd FEDORA-2019-119b14075a

7.4AI score

Exploits0References4

OpenVAS•added 2019/05/07 12:0 a.m.•87 views

Fedora Update for php FEDORA-2018-7ebfe1e6f2

7.4AI score

Exploits0References2

OpenVAS•added 2019/05/07 12:0 a.m.•62 views

Fedora Update for php FEDORA-2018-08ceba4f8f

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

Veracode•added 2019/05/02 6:45 a.m.•41 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of serviceDoS attacks. A remote user could send a specially crafted HTTP/2 request to trigger a null pointer dereference in the modhttp2 component and cause the server process to crash...

7.5CVSS8.8AI score0.53939EPSS

Exploits0References40Affected Software2

Veracode•added 2019/05/02 6:10 a.m.•25 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of serviceDoS attacks. This occurs in httpd's handling of the LimitRequestFields directive in modhttp2, affecting servers with HTTP/2 enabled. An attacker could send crafted CONTINUATION frames in an HTTP/2 requests with headers larger than the server's...

7.5CVSS7.2AI score0.7907EPSS

Exploits4References49Affected Software4

Veracode•added 2019/05/02 6:10 a.m.•26 views

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of serviceDoS attacks. A remote attacker could exploit the flaw in httpd's modhttp2 module to block server threads for long times, causing starvation of worker threads, by manipulating the flow control windows on streams which leads to application crash...

5.9CVSS5.7AI score0.15327EPSS

Exploits0References40Affected Software1

Veracode•added 2019/05/02 6:9 a.m.•29 views

Improper Input Validation

Apache HTTP Server modcluster is vulnerable to improper input validation. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process which leads to disclosure of information...

4.3CVSS6.6AI score0.04692EPSS

Exploits0References9Affected Software8

Veracode•added 2019/05/02 6:2 a.m.•59 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS

Exploits78References14Affected Software3

Veracode•added 2019/05/02 6:2 a.m.•43 views

Null Pointer Dereference

9.8CVSS9AI score0.36974EPSS

Exploits78References13Affected Software3

Veracode•added 2019/05/02 6:2 a.m.•40 views

Information Disclosure

9.8CVSS9AI score0.36974EPSS

Exploits78References13Affected Software3

Veracode•added 2019/05/02 6:2 a.m.•51 views

Out-Of-Bounds Read