Lucene search
K

9792 matches found

CNNVD
CNNVD
added 2021/10/14 12:0 a.m.3 views

Trend Micro Apex One 代码问题漏洞

Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and e-mail protection. Trend Micro Worry-Free Business Security suffers from a code issue vulnerability...

7.5CVSS5.8AI score0.01074EPSS
Exploits0References4
Gitee
Gitee
added 2021/10/11 11:56 a.m.5 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 复现 https://www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited v2.4.49 apache 独有漏洞,早期版本中并没有 apnormalizepath 这个函数,该函数是在v2.4.49版本中引入的,正是这个函数导致了 目录穿越,在 v2.4.50 被修复了 环境 https://github.com/1nhann/CVE-2021-41773 本环境中,加载了 cgi 模块: ini LoadModule...

7.5CVSS9.1AI score0.99992EPSS
Exploits148
Tenable Nessus
Tenable Nessus
added 2021/10/11 12:0 a.m.207 views

FreeBSD : Apache httpd -- Path Traversal and Remote Code Execution (d001c189-2793-11ec-8fb1-206a8a720317)

The Apache http server project reports : critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 incomplete fix of CVE-2021-41773 CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a...

9.8CVSS8.8AI score0.99992EPSS
Exploits173References2
Mageia
Mageia
added 2021/10/08 7:12 p.m.125 views

Updated apache packages fix security vulnerability

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS0.6AI score0.99964EPSS
Exploits62References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/10/08 12:0 a.m.69 views

JVN#51106450: Apache HTTP Server vulnerable to directory traversal

Apache HTTP Server provided by The Apache Software Foundation contains a directory traversal vulnerability CWE-22. Impact A remote attacker may access the unprotected files in "require all denied" placed outside of the document root. Moreover, if CGI scripts are enabled, arbitrary code may be...

9.8CVSS9.2AI score0.99992EPSS
Exploits173
OSV
OSV
added 2021/10/07 4:15 p.m.7 views

ALPINE-CVE-2021-42013

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS7.9AI score0.99964EPSS
Exploits62References1
Prion
Prion
added 2021/10/07 4:15 p.m.81 views

Path traversal

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

7.5CVSS8.1AI score0.99992EPSS
Exploits173References30Affected Software5
Debian CVE
Debian CVE
added 2021/10/07 3:50 p.m.81 views

CVE-2021-42013

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS9.1AI score0.99964EPSS
Exploits62
Openbugbounty
Openbugbounty
added 2021/10/07 5:24 a.m.28 views

All Vulnerabilities for amri.ninds.nih.gov Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| amri.ninds.nih.gov ---|--- Open Bug...

Exploits0
GithubExploit
GithubExploit
added 2021/10/07 12:14 a.m.489 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Playground === This is a small Docker recipe for...

7.5CVSS9.4AI score0.99992EPSS
Exploits148
ATTACKERKB
ATTACKERKB
added 2021/10/07 12:0 a.m.108 views

Apache HTTPd 2.4.49/2.4.50 路径穿越漏洞

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS9.3AI score0.99992EPSS
In wildExploits173References33
FreeBSD
FreeBSD
added 2021/10/07 12:0 a.m.125 views

Apache httpd -- Path Traversal and Remote Code Execution

The Apache http server project reports: critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 incomplete fix of CVE-2021-41773 CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a...

9.8CVSS1.8AI score0.99992EPSS
Exploits173
GithubExploit
GithubExploit
added 2021/10/06 2:17 p.m.397 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 复现 https://www.tenable.com/blog/cve-2021-41...

7.5CVSS9.2AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2021/10/06 1:39 p.m.262 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Path traversal and file disclosure vulnerabilit...

7.5CVSS8.9AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploit
added 2021/10/06 7:17 a.m.328 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Playground === This is a small Docker recipe for...

7.5CVSS9.4AI score0.99992EPSS
Exploits148
Tenable Nessus
Tenable Nessus
added 2021/10/06 12:0 a.m.84 views

Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.49. It is, therefore, affected by multiple vulnerabilities: - While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the serve...

7.5CVSS8.1AI score0.99992EPSS
Exploits148References4
Apache Httpd
Apache Httpd
added 2021/10/06 12:0 a.m.208 views

Apache Httpd < 2.4.51 : Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS2.2AI score0.99992EPSS
Exploits173
RedhatCVE
RedhatCVE
added 2021/10/05 1:27 p.m.148 views

CVE-2021-41773

A path transversal flaw was found in Apache 2.4.49. A remote attacker could use this flaw to map URLs to files outside the expected document root. Additionally this flaw could leak the source of interpreted files like CGI scripts...

7.5CVSS2AI score0.99992EPSS
Exploits148References5
OSV
OSV
added 2021/10/05 9:15 a.m.8 views

ALPINE-CVE-2021-41773

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS7.7AI score0.99992EPSS
Exploits148References1
BDU FSTEC
BDU FSTEC
added 2021/09/29 12:0 a.m.5 views

The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine aircraft monitoring application, which allows a violator to execute arbitrary commands

The vulnerability of the cgi/networkDiag.cgi implementation of the SureLine monitoring application exists because measures are not taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

10CVSS8.4AI score0.97599EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder