5762 matches found
Moderate: Red Hat Security Advisory: php security and bug fix update
An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: Red Hat Security Advisory: php55-php security update
An update for php55-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Apache APR-util and httpd Denial of Service Vulnerabilities
Apache APR-util and httpd are the United States Apache Apache Software Foundation products. The former is an application can be used across multiple operating system platforms to provide the underlying support for the development of interface libraries , the latter is a special operating system...
[SECURITY] Fedora 23 Update: php-5.6.24-1.fc23
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora 23 Update: httpd-2.4.23-4.fc23
The Apache HTTP Server is a powerful, efficient, and extensible web server...
Apache HTTP Server Man-in-the-Middle Attack Vulnerability (Jul 2016) - Linux
Apache HTTP Server is prone to a man-in-the-middle attack vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache HTTP Server Man-in-the-Middle Attack Vulnerability (Jul 2016) - Windows
Apache HTTP Server is prone to a man-in-the-middle attack vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] Fedora 24 Update: httpd-2.4.23-4.fc24
The Apache HTTP Server is a powerful, efficient, and extensible web server...
Apache HTTP Server mod_fcgid Module Security Bypass Vulnerability
Apache HTTP Server is an open source web server from the Apache Apache Software Foundation in the United States. modfcgid is one of the modcgi and modcgid alternatives Apache modules. A security bypass vulnerability exists in the modfcgid module in Apache HTTP Server. An attacker could exploit th...
CVE-2016-5387
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary...
Design/Logic Flaw
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary...
CVE-2016-5387
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary...
The vulnerability of the Apache HTTP Server web server allows attackers to trigger a service failure.
The vulnerability of the Apache HTTP Server is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions through modified control streams...
USN-3038-1: Apache HTTP Server vulnerability
It was discovered that the Apache HTTP Server would set the HTTPPROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTPPROXY variable to redirect outgoing HTTP...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
CentOS Errata and Security Advisory CESA-2016:1422 An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: httpd24-httpd security update
An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
httpd: X509 client certificate authentication bypass using HTTP/2
A flaw was found in the way httpd performed client authentication using X.509 client certificates. When the HTTP/2 protocol was enabled, a remote attacker could use this flaw to access resources protected by certificate authentication without providing a valid client certificate...
CVE-2016-5387
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary...
Apache HTTP Server 2.4.x < 2.4.23 Multiple Vulnerabilities
Binary data 9394.prm...