Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.29 views

TencentOS Server 3: httpd:2.4 (TSSA-2022:0017)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0017 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.7AI score0.97108EPSS
Exploits21References25
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.30 views

Alibaba Cloud Linux 3 : 0017: httpd:2.4 (ALINUX3-SA-2022:0017)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0017 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-0190: A bug exists in the way...

9.8CVSS7.7AI score0.97108EPSS
Exploits21References25
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.34 views

Photon OS 3.0: Httpd PHSA-2019-3.0-0013

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0013. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS7.5AI score0.65005EPSS
Exploits8References7
OSV
OSV
added 2023/08/31 12:14 p.m.3 views

BELL-CVE-2019-0190 CVE-2019-0190 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.2AI score0.59942EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.36 views

Slackware: Security Advisory (SSA:2019-022-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.59942EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.42 views

Photon OS 2.0: Httpd PHSA-2019-2.0-0157

An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0157. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid124680...

7.8CVSS6.8AI score0.65005EPSS
Exploits8References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/28 7:0 a.m.42 views

Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2019-0190; CVE-2018-17189; CVE-2018-17199)

Summary Apache HTTP Server has security vulnerabilities that allows a remote attacker to exploit the application. Respective security vulnerabilities are discussed in detail in the subsequent sections. Vulnerability Details This section includes the vulnerability details that affects the Rational...

7.5CVSS0.5AI score0.59942EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2019/03/06 12:0 a.m.228 views

Important: httpd24

Issue Overview: In Apache HTTP server by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections. CVE-2018-17189 A bug exists in the way modss...

7.5CVSS6.8AI score0.59942EPSS
Exploits0
Kaspersky
Kaspersky
added 2019/02/28 12:0 a.m.48 views

KLA12364 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in modsessioncookie can be exploited to spoof user interface. 2...

7.5CVSS7.3AI score0.59942EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/20 10:0 p.m.59 views

Security Bulletin: Vulnerabilities CVE-2018-17199, CVE-2018-17189, and CVE-2019-0190 in the IBM i HTTP Server affect IBM i.

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-0190 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the improper handling of client negotiations by modssl. By sending a specially crafted...

7.5CVSS1.2AI score0.59942EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/01/30 10:29 p.m.3 views

DEBIAN-CVE-2019-0190

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS7.5AI score0.59942EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/01/30 10:29 p.m.46 views

CVE-2019-0190

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS6.8AI score0.59942EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/30 10:0 p.m.52 views

CVE-2019-0190

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.2AI score0.59942EPSS
Exploits0References20
CVE
CVE
added 2019/01/30 10:0 p.m.500 views

CVE-2019-0190

Apache HTTP Server mod_ssl denial of service (CVE-2019-0190) occurs when renegotiations are mishandled with OpenSSL 1.1.1+, causing a loop and potential DoS. According to ALAS-2019-1166 and related advisories, the fix is to upgrade to Apache httpd 2.4.38 (mod_ssl 2.4.38) or newer; affected compon...

7.5CVSS7.1AI score0.59942EPSS
Exploits0References20Affected Software1
AlpineLinux
AlpineLinux
added 2019/01/30 10:0 p.m.52 views

CVE-2019-0190

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

7.5CVSS7.3AI score0.59942EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/01/25 12:0 a.m.62 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.38-alt1

Jan. 25, 2019 Anton Farygin 1:2.4.38-alt1 - 2.4.38 - fixes: important: modssl 2.4.37 remote DoS when used with OpenSSL 1.1.1. CVE-2019-0190 low: modsessioncookie does not respect expiry time. CVE-2018-17199 low: DoS for HTTP/2 connections via slow request bodies. CVE-2018-17189...

5CVSS7.1AI score0.59942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/24 12:0 a.m.279 views

FreeBSD : Apache -- vulnerability (eb888ce5-1f19-11e9-be05-4c72b94353b5)

The Apache httpd Project reports : SECURITY: CVE-2018-17199 modsession: modsessioncookie does not respect expiry time allowing sessions to be reused. SECURITY: CVE-2019-0190 modssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 or earlier with OpenSSL 1.1.1 and later...

7.5CVSS6.4AI score0.59942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/01/24 12:0 a.m.2649 views

Apache 2.4.x < 2.4.38 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.38. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in HTTP/2 steam handling. An unauthenticated, remote attacker can exploit this issue, via...

7.5CVSS6.5AI score0.59942EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/23 12:0 a.m.57 views

Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2019-022-01)

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-022-01. The text itself is copyright C Slackware Linux...

7.5CVSS6.6AI score0.59942EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2019/01/22 12:0 a.m.65 views

Apache -- vulnerability

The Apache httpd Project reports: SECURITY: CVE-2018-17199 modsession: modsessioncookie does not respect expiry time allowing sessions to be reused. SECURITY: CVE-2019-0190 modssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 or earlier with OpenSSL 1.1.1 and later. ...

7.5CVSS0.5AI score0.59942EPSS
Exploits0References2
Rows per page
Query Builder