60 matches found
CVE-2017-18412
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename SEC-296...
EUVD-2017-8828
Malware in sbrugna...
EUVD-2006-5248
Malware in sbrugna...
EUVD-2007-1533
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-31207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written t...
CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
UBUNTU-CVE-2025-1075
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
PT-2023-23230 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.1.0 through 2.1.0p26 Checkmk versions 2.0.0 through 2.0.0p35 Checkmk versions 2.2.0b6 and earlier Description: The issue involves the transmission of credentials within query parameters, potentially causing the automation...
ApacheLogAnonymizer (>=0.1.0 <=0.1.1), BrewStillery (>=1.0.0 <=6.0.2) +3234 more potentially affected by CVE-2022-24713 via regex (>=0.1.58 <=1.5.4)
regex CARGO version =0.1.58, =0.1.0, =1.0.0, =0.1.1, =0.7.0, =0.10.0, =0.1.0, =0.0.6, =0.1.1, =0.1.4, =0.1.0, =0.2.0 and more Source cves: CVE-2022-24713 Source advisory: OSV:RUSTSEC-2022-0013...
log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink
A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests...
Regular Expression Denial Of Service (ReDoS)
fluentd is vulnerable to regular expression denial of service (ReDoS) attacks. An attacker is able to inject a certain pattern of string via a broken apache log that would cause a ReDoS attack when the parsed malicious string spends too much time in the regular expression...
ReDoS vulnerability in parser_apache2
Impact: The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. Patches: v1.14.2...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via an apache log with a certain pattern of string that can take a long time matching the expression. Note: This only affects the parser_apache2 plugin of the package. Details: Denial of Service...
Fedora: Security Advisory for pure-ftpd (FEDORA-2020-84fb0920fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 31 Update: pure-ftpd-1.0.49-5.fc31
Pure-FTPd is a fast, production-quality, standard-conformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
[SECURITY] Fedora 32 Update: pure-ftpd-1.0.49-5.fc32
Pure-FTPd is a fast, production-quality, standard-conformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
CVE-2016-10796
cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files SEC-130...
CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit
No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...
Fedora Update for cherokee FEDORA-2011-12687
Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12687 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...