Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 2 security update

An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

Moderate: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Important: Red Hat Security Advisory: httpd24-apr security update

An update for httpd24-apr is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

The vulnerability of the mod_auth_digest module in the Apache HTTP Server’s httpd daemon allows a hacker to gain access to confidential information or cause service interruptions.

The vulnerability of the modauthdigest module in the Apache HTTP Server’s httpd daemon arises from incorrect initialization of a variable. Exploiting this vulnerability can allow an attacker to gain access to confidential information or cause service failures...

MGASA-2018-0009 Updated apache packages fix security vulnerability

Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed CVE-2017-9798...

RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3476)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3476 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3477)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3477 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for JBoss Core Services on RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for JBoss Core Services on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

CVE-2017-17671

vBulletin through 5.3.x on Windows allows remote PHP code execution because a requireonce call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ traversal is not blocked. For...

CVE-2017-17671

vBulletin (Windows)

BSA-2017-497

Security Advisory ID : BSA-2017-497 Component : Apache HTTPD Revision : 1.0: Final The readrequestline function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service NULL pointer...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update

An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

php security update

CentOS Errata and Security Advisory CESA-2017:3221 An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

[SECURITY] Fedora 27 Update: php-7.1.11-1.fc27

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Moderate: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Apache Httpd < 2.4.33 : Tampering of mod_session data for CGI applications

When modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its data to CGIs, since the prefix...