5876 matches found
K000139064: Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360
Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall WAF module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via an...
CVE-2024-1521
CVE-2024-1521 affects the Elementor Website Builder Pro plugin for WordPress. It enables Stored Cross-Site Scripting through an SVGZ file uploaded via the Form widget in all versions up to and including 3.20.1, due to insufficient input sanitization and output escaping. Exploitation requires auth...
CVE-2024-1521
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...
EulerOS Virtualization 2.11.0 : httpd (EulerOS-SA-2024-1428)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-1400)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
httpd: mod_macro: out-of-bounds read vulnerability
A flaw was found in the modmacro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 (RHSA-2024:1316)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1316 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1380)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1359)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2024-1380)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2024-1359)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1273)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-1273)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...
BIT-APACHE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE...
BIT-APACHE-2020-11985
IP address spoofing when proxying using modremoteip and modrewrite For configurations using proxying with modremoteip and certain modrewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...
BIT-APACHE-2020-13938 Improper Handling of Insufficient Privileges
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows...
BIT-APACHE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...