Lucene search
K

439 matches found

BDU FSTEC
BDU FSTEC
added 2024/04/16 12:0 a.m.5 views

The vulnerability in the apr_base64 function of the Apache Portable Runtime library allows a hacker to execute arbitrary code.

The vulnerability of the aprbase64 function in the Apache Portable Runtime library APR relates to the ability to write beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

6.5CVSS7AI score0.01417EPSS
Exploits0References5Affected Software4
Fedora
Fedora
added 2024/03/07 10:33 p.m.26 views

[SECURITY] Fedora 40 Update: tomcat-native-1.2.36-4.fc40

Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
OSV
OSV
added 2024/03/06 10:50 a.m.32 views

BIT-APR-2021-35940 Regression of CVE-2017-12613

An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...

7.1CVSS7.1AI score0.01185EPSS
Exploits0References17
OSV
OSV
added 2024/03/06 10:50 a.m.33 views

BIT-APR-2022-24963 Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions

Integer Overflow or Wraparound vulnerability in aprencode functions of Apache Portable Runtime APR allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime APR version 1.7.0...

9.8CVSS7.8AI score0.01472EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 10:50 a.m.20 views

BIT-APR-2022-28331 Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...

9.8CVSS9.4AI score0.01575EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.23 views

CentOS 8 : apr-util (CESA-2023:3109)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3109 advisory. - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a...

6.5CVSS6.3AI score0.01417EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.5 views

The vulnerability of the apr_encode function in the Apache Portable Runtime library allows a hacker to execute arbitrary code.

The vulnerability of the aprencode function in the Apache Portable Runtime APR library is related to integer overflow when processing field lengths. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.01472EPSS
Exploits0References9Affected Software10
RedHat Linux
RedHat Linux
added 2023/12/11 9:7 a.m.4 views

apr: integer overflow/wraparound in apr_encode

A flaw was found in Apache Portable Runtime APR. This issue may allow a malicious attacker to write beyond the bounds of a buffer...

9.8CVSS5.7AI score0.01472EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/11 9:7 a.m.41 views

Moderate: Red Hat Security Advisory: apr security update

An update for apr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS6.9AI score0.01472EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.27 views

AlmaLinux 9 : apr (ALSA-2023:7711)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:7711 advisory. - Integer Overflow or Wraparound vulnerability in aprencode functions of Apache Portable Runtime APR allows an attacker to write beyond bounds of a buffer. This...

9.8CVSS7.6AI score0.01472EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2023/12/11 12:0 a.m.23 views

Moderate: apr security update

The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fixes: apr: integer overflow/wraparound in aprencode CVE-2022-24963 For more details about the security issues,...

9.8CVSS6.8AI score0.01472EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.18 views

RHEL 9 : apr (RHSA-2023:7711)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7711 advisory. The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data...

9.8CVSS7.7AI score0.01472EPSS
Exploits0References5
OSV
OSV
added 2023/12/11 12:0 a.m.28 views

ALSA-2023:7711 Moderate: apr security update

The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fixes: apr: integer overflow/wraparound in aprencode CVE-2022-24963 For more details about the security issues,...

9.8CVSS8.2AI score0.01472EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.16 views

Oracle Linux 9 : apr (ELSA-2023-7711)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7711 advisory. 1.7.0-12 - fix integer bounds checking in aprencode Resolves: RHEL-17123 Tenable has extracted the preceding description block directly from the Oracle Linux...

9.8CVSS7.6AI score0.01472EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/11/27 9:7 p.m.42 views

K000137702: Apache vulnerability CVE-2022-25147

Security Advisory Description Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions. CVE-2022-25147...

6.5CVSS6.7AI score0.01417EPSS
Exploits0Affected Software15
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.15 views

NewStart CGSL MAIN 6.06 : apr-util Vulnerability (NS-SA-2023-0131)

The remote NewStart CGSL host, running version MAIN 6.06, has apr-util packages installed that are affected by a vulnerability: - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer...

6.8AI score0.01417EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/24 7:1 p.m.95 views

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...

9.8CVSS9.9AI score0.76768EPSS
Exploits20Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.42 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.3.7)

The version of AOS installed on the remote host is prior to 6.5.3.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.3.7 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying...

7.5CVSS7.6AI score0.20459EPSS
Exploits4References13
RedHat Linux
RedHat Linux
added 2023/09/04 12:24 p.m.13 views

apr: Windows out-of-bounds write in apr_socket_sendv function

A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...

9.8CVSS6AI score0.01575EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/09/04 12:24 p.m.4 views

apr: integer overflow/wraparound in apr_encode

A flaw was found in Apache Portable Runtime APR. This issue may allow a malicious attacker to write beyond the bounds of a buffer...

9.8CVSS5.7AI score0.01472EPSS
Exploits0References5
Rows per page
Query Builder