Lucene search
K

56 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2017-15715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end o...

8.1CVSS6.3AI score0.86006EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.36 views

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

10CVSS7AI score0.86006EPSS
Exploits0References89
OSV
OSV
added 2023/08/31 12:15 p.m.1 views

BELL-CVE-2017-15715 CVE-2017-15715 does not affect BellSoft software

Bulletin has no description...

8.1CVSS5.8AI score0.86006EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:3 p.m.60 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301).

Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM HTTP Server...

8.1CVSS7.4AI score0.86006EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.85 views

K27757011: Apache HTTPD vulnerability CVE-2017-15715

Security Advisory Description In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally...

8.1CVSS6.5AI score0.86006EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2022/02/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

8.1CVSS6.7AI score0.86006EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2018-0460)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.86006EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.60 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2021-0159)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching onl...

8.1CVSS6.6AI score0.86006EPSS
Exploits1References13
Circl
Circl
added 2021/05/04 4:33 a.m.4 views

CVE-2017-15715

creationtimestamp| type| source ---|---|--- 2021-05-04 04:33:29+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/329 2022-02-18 16:23:37+00:00| seen| https://t.me/cyberdenteam/354 2022-06-01 15:53:21+00:00| seen| Telegram/oy0dbBE7nfsKRAHLSCKnQ1rQ2k7lu2BiCitRs7pe50X7S8...

8.1CVSS6.1AI score0.86006EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2018:0901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.86006EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2018:1161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.86006EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2018:1161-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.86006EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.58 views

IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 Multiple Vulnerabilities (569295)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities related to Apache HTTP Server, as follows: - A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached...

8.1CVSS6.5AI score0.86006EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/12 6:6 a.m.50 views

Security Bulletin: Vulnerability in HTTPD affects IBM Integrated Analytics System

Summary Redhat provided HTTPD is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-15715 DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by the FilesMatch...

8.1CVSS1.2AI score0.86006EPSS
Exploits0Affected Software1
Cent OS
Cent OS
added 2020/10/20 6:13 p.m.805 views

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2020:3958 An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.1CVSS6.7AI score0.86006EPSS
Exploits1References7
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.217 views

httpd security, bug fix, and enhancement update

2.4.6-95.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-95 - Resolves: 1823262 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value 2.4.6-94 - Resolves: 1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: 1747283 -...

8.1CVSS0.9AI score0.86006EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/09/29 7:26 p.m.124 views

Moderate: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.1CVSS6.7AI score0.86006EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/20 2:39 p.m.60 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affect Rational Build Forge (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)

Summary There are multiple vulnerabilities in the IBM® HTTP Server used by the Web Application Server, where the IBM Rational Build Forge is hosted. These vulnerabilities affect the Rational Build Forge resulting in denial-of-service allowing a remote attacker to exploit the vulnerability...

8.1CVSS0.9AI score0.86006EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.40 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1015)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.86006EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1560)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.86006EPSS
Exploits0References2
Rows per page
Query Builder