Lucene search
K

48 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.40 views

Debian: Security Advisory (DLA-66-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.1AI score0.85744EPSS
Exploits6References2
F5 Networks
F5 Networks
added 2023/02/21 7:8 p.m.32 views

K15300: Apache HTTP Server mod_dav DoS vulnerability CVE-2013-6438

Security Advisory Description The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE...

5CVSS7.2AI score0.26831EPSS
Exploits2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.2 views

SUSE CVE-2013-6438

The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...

5CVSS8.5AI score0.26831EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 7:21 p.m.62 views

Security Bulletin: Network Intrusion Prevention System is affected by multiple Apache web server vulnerabilities (CVE-2013-6438, CVE-2014-0098, CVE-2014-0226, CVE-2014-0231)

Summary Security vulnerabilities have been discovered in the Apache web server component bundled with IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2013-6438 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an error in the modda...

6.8CVSS8.2AI score0.85744EPSS
Exploits6Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2014-0135)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.9AI score0.26831EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2014:1080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.9AI score0.85744EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2014:1082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6AI score0.85744EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.295 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1419)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.94999EPSS
Exploits26References2
Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.103 views

Apache 2.4.x < 2.4.9 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is a version prior to 2.4.9. It is, therefore, affected by the following vulnerabilities : - A flaw exists with the 'moddav' module that is caused when tracking the length of CDATA that has leading white space. A remo...

5CVSS8.4AI score0.26831EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:57 p.m.47 views

Security Bulletin: IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, and 2050 are affected by the following Apache Tomcat vulnerabilities: CVE-2014-0098 and CVE-2013-6438

Summary The IBM InfoSphere Balanced Warehouse C3000 and C4000 for Windows and IBM Smart Analytics System 1050 and 2050 for Windows ship with Apache HTTP Server which contains known security vulnerabilities. Vulnerability Details CVE-ID: CVE-2014-0098 DESCRIPTION: Apache HTTP Server is vulnerable ...

5CVSS0.5AI score0.26831EPSS
Exploits2Affected Software2
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.50 views

SUSE: Security Advisory for apache2 (SUSE-SU-2014:1080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.85744EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.58 views

Amazon Linux: Security Advisory (ALAS-2014-331)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9AI score0.26831EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/07/20 12:0 a.m.264 views

Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685)

The remote host is running a version of NSM Network and Security Manager Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server : - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A...

6.8CVSS7.4AI score0.85744EPSS
Exploits13References12
Hacker One
Hacker One
added 2015/06/09 5:47 p.m.5511 views

Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)

Hello, Your current version of apache 2.2.22 for http://aanbieding.marktplaats.com is vulnerable to many issues like DoS, XSS and Code Exec 1. DoS Refer: http://www.cvedetails.com/cve/CVE-2014-0231/ http://www.cvedetails.com/cve/CVE-2014-0098/ http://www.cvedetails.com/cve/CVE-2013-6438/...

0.1AI score0.43809EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2014/12/16 12:0 a.m.59 views

openSUSE Security Update : apache2 (openSUSE-SU-2014:1647-1)

This apache version update fixes various security and non security issues. - Updated to the 2.2.29 - Changes between 2.2.22 and 2.2.29: http://www.apache.org/dist/httpd/CHANGES2.2 - The following patches are no longer needed and were removed : - httpd-2.2.x-bnc798733-SNIignorecase.diff -...

6.8CVSS7.5AI score0.90734EPSS
Exploits21References11
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.42 views

Amazon Linux AMI : httpd (ALAS-2014-331)

It was found that the moddav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the moddav module for example when using the moddavsvn module, a remote attacker could send a specially crafted DAV request that would...

5CVSS7.9AI score0.26831EPSS
Exploits2References3
OSV
OSV
added 2014/09/29 12:0 a.m.56 views

DLA-66-1 apache2 - security update

Bulletin has no description...

6.8CVSS7AI score0.85744EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/08/21 12:0 a.m.42 views

openSUSE Security Update : apache2 (openSUSE-SU-2014:1045-1)

This apache2 update fixes the following security issues : - CRIME types of attack, based on size and timing analysis of compressed content, are now mitigated by the new SSLCompression directive, set to 'no' in /etc/apache2/ssl-global.conf - ssl-global.conf: SSLHonorCipherOrder set to on -...

6.8CVSS6.9AI score0.85744EPSS
Exploits6References9
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/07 11:4 p.m.56 views

security issues addressed, most notably the mod_security heap overflow known as CVE-2014-0226 (important)

apache2: - ECC support was added to modssl - fix for a race condition in modstatus known as CVE-2014-0226 can lead to information disclosure; modstatus is not active by default, and is normally only open for connects from localhost. - fix for bug known as CVE-2014-0098 that can crash the apache...

6.8CVSS0.2AI score0.85744EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2014/08/07 12:0 a.m.59 views

SuSE 11.3 Security Update : Apache Web Server (SAT Patch Number 9542)

This update for the Apache Web Server provides the following fixes : - Fixed a heap-based buffer overflow on apache module modstatus. bnc887765, CVE-2014-0226 - Properly remove whitespace characters from CDATA sections to avoid remote denial of service by crashing the Apache Server process...

6.8CVSS7.2AI score0.85744EPSS
Exploits6References13
Rows per page
Query Builder