Lucene search
K

60 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.9 views

MiracleLinux 7 : httpd24-1.1-19.el7, httpd24-httpd-2.4.34-15.el7, httpd24-nghttp2-1.7.1-8.el7 (AXSA:2019-4418:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4418:01 advisory. httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modauthdigest: access control bypass due to race condition CVE-2019-0217...

7.5CVSS6.8AI score0.81466EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.34 views

Photon OS 3.0: Httpd PHSA-2019-3.0-0013

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0013. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS7.5AI score0.65005EPSS
Exploits8References7
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.37 views

RHEL 6 / 7 : httpd24-httpd (RHSA-2019:4126)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4126 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

7.5CVSS7AI score0.81466EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.43 views

Oracle Linux 7 : httpd (ELSA-2020-1121)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1121 advisory. - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time - Resolves: 1565465 - CVE-2017-15710 httpd: Out of bound writ...

7.5CVSS6.5AI score0.19994EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2023/04/25 11:49 a.m.59 views

Advisory ROSA-SA-2023-2159

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...

9.8CVSS8.9AI score0.90039EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.56 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...

9.8CVSS7.1AI score0.97108EPSS
Exploits11References29
F5 Networks
F5 Networks
added 2023/02/21 7:55 p.m.83 views

K54296221: Apache httpd vulnerability CVE-2018-17199

Security Advisory Description In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded...

7.5CVSS6.4AI score0.19994EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.36 views

Slackware: Security Advisory (SSA:2019-022-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.59942EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2019-0109)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.19994EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/22 6:10 a.m.67 views

Security Bulletin: Vulnerability in Apache HTTP (CVE-2018-17199 and CVE-2020-11993) affects HMC

Summary Apache HTTP is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE's. Vulnerability Details CVEID: CVE-2018-17199 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by checking the session expiry time befor...

7.5CVSS8AI score0.58716EPSS
Exploits2Affected Software2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2019:0504-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.19994EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.76 views

Oracle Linux 8 : httpd:2.4 (ELSA-2021-1809)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1809 advisory. - Resolves: 1677590 - CVE-2018-17199 httpd:2.4/httpd: modsessioncookie does not respect expiry time - Resolves: 1869075 - CVE-2020-11984 httpd:2.4/http...

9.8CVSS6.9AI score0.90039EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.93 views

RHEL 8 : httpd:2.4 (RHSA-2021:1809)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1809 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie...

9.8CVSS7.2AI score0.90039EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.125 views

CentOS 8 : httpd:2.4 (CESA-2021:1809)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1809 advisory. - httpd: modsessioncookie does not respect expiry time CVE-2018-17199 - httpd: modproxyuwsgi buffer overflow CVE-2020-11984 - httpd: modhttp2 concurren...

9.8CVSS7.1AI score0.90039EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2021/05/18 2:25 p.m.121 views

Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.90039EPSS
Exploits4References13
OSV
OSV
added 2021/05/18 6:8 a.m.52 views

ALSA-2021:1809 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS7.4AI score0.90039EPSS
Exploits4References4
OSV
OSV
added 2021/05/18 6:8 a.m.61 views

RLSA-2021:1809 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS7.4AI score0.90039EPSS
Exploits4References12
AlmaLinux
AlmaLinux
added 2021/05/18 6:8 a.m.90 views

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS8.4AI score0.90039EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2019:0498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.19994EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2019:0888-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.19994EPSS
Exploits0References6
Rows per page
Query Builder