Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities
Summary: IBM HTTP Server used by IBM WebSphere Application Server is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server. Vulnerability Details: CVEID: CVE-2025-66200. DESCRIPTION: mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP...
EUVD-2015-8102
Malware in sbrugna...
DrayTek Vigor Routers Security Vulnerability
DrayTek Vigor Routers is a series of wireless routers from China-based DrayTek. A security vulnerability exists in DrayTek Vigor Routers that stems from the presence of uninitialized variables in the HTTP CGI request parameter handling component, which could lead to memory corruption and remote...
CVE-2024-44334
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of upgrade_filter.asp...
CVE-2024-44334
CVE-2024-44334 affects D-Link DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 with firmware 24.04.18D1/D1/E1. Root cause: insufficient parameter filtering in the CGI upgrade_filter.asp function allowing Remote Command Execution. Impact: high (Remote Command Execution...
CVE-2024-34195
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific...
CVE-2024-34195
The CVE affects TOTOLINK AC1200 Wireless Router A3002R with firmware 1.1.1-B20200824. The vulnerability resides in the boa server CGI function formWlEncrypt, where the wlan_ssid input lacks length validation, enabling a buffer overflow under certain conditions. Attackers can trigger the overflow ...
PT-2024-9844 · Webmin · Webmin
Name of the Vulnerable Software and Affected Versions: Webmin affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this issue. The specific flaw exists within the handli...
PT-2020-5768 · Yaws +1 · Yaws +1
Name of the Vulnerable Software and Affected Versions: Yaws versions 1.81 through 2.0.7 Description: The issue is related to the CGI implementation in the Yaws web server, which is associated with incorrect cleaning of CGI requests. This can allow a remote attacker to access confidential data,...
Code injection
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program...
CVE-2015-8212
CVE-2015-8212 affects bozohttpd (NetBSD: 6.0.x up to 6.0.6, 6.1.x up to 6.1.5, 7.0). The flaw is in the CGI suffix handler when the -C option is used, allowing crafted arguments to be processed by a non-CGI aware program and enabling remote code execution. Severity/impact cited across sources ali...
EFMNetworks ipTIME CGI File Handling Remote Code Execution Vulnerability
EFM Networks ipTIME is the ipTIME series of routers, WiFi access points, modems and firewalls from EFM Networks in Korea. A remote code execution vulnerability in CGI file handling in EFM Networks ipTIME allows attackers to submit a special request to execute arbitrary code with root privileges o...
RedHat Update for ruby RHSA-2008:0562-01
Check for the Version of ruby. OpenVAS Vulnerability Test: RedHat Update for ruby RHSA-2008:0562-01. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms o...