Lucene search
K

74 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : httpd24-httpd-2.4.34-8.el7.1, httpd24-nghttp2-1.7.1-7.el7.1 (AXSA:2019-4337:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4337:01 advisory. HTTP/2: large amount of data requests leads to denial of service CVE-2019-9511 HTTP/2: flood using PRIORITY frames resulting in excessive resource...

7.8CVSS7.9AI score0.82017EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : httpd24-httpd-2.4.34-8.AXS4.1, httpd24-nghttp2-1.7.1-7.AXS4.1 (AXSA:2019-4336:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4336:01 advisory. HTTP/2: large amount of data requests leads to denial of service CVE-2019-9511 HTTP/2: flood using PRIORITY frames resulting in excessive resource...

7.8CVSS7.9AI score0.82017EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13279

Malware in sbrugna...

7.5CVSS7.6AI score0.0239EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.54 views

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

9.8CVSS7.2AI score0.99999EPSS
Exploits30References3
Oracle linux
Oracle linux
added 2024/05/24 12:0 a.m.76 views

httpd:2.4 security update

httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...

7.5CVSS7.5AI score0.99999EPSS
Exploits30
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.33 views

Rocky Linux 8 : nodejs:10 (RLSA-2019:2925)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2925 advisory. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS...

7.8CVSS7.3AI score0.87806EPSS
Exploits1References18
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 6:13 p.m.73 views

Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common

Summary IBM Storage Protect Server uses the http2-server and http2-common components and may be vulnerable to these attacks. Vulnerability Details CVEID:CVE-2019-9511 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS6.9AI score0.87806EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.643 views

K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517

Security Advisory Description CVE-2019-9511 Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They...

7.8CVSS7.4AI score0.82017EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.4 views

SUSE CVE-2019-9517

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write many of the byt...

7.5CVSS7.7AI score0.27004EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.43 views

Slackware: Security Advisory (SSA:2020-091-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.81466EPSS
Exploits6References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 8:10 p.m.50 views

Security Bulletin: WebSphere Application Server Liberty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center)

Summary Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. IBM Spectrum Control has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-4304 DESCRIPTION: IBM WebSphere Application Server -...

7.8CVSS7.2AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:59 p.m.49 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)

Summary Node.js denial of service vulnerabilities affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVE-ID: CVE-2019-9511 Description: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS7.6AI score0.87806EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.41 views

Mageia: Security Advisory (MGASA-2019-0407)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.81466EPSS
Exploits6References7
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2020-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.87806EPSS
Exploits4References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.47 views

SUSE: Security Advisory (SUSE-SU-2019:2237-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.3AI score0.81466EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2019:2254-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2019:2260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.62 views

CentOS 8 : httpd:2.4 (CESA-2019:2893)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:2893 advisory. - HTTP/2: request for large response leads to denial of service CVE-2019-9517 Note that Nessus has not tested for this issue but has instead relied only on the...

7.8CVSS7.3AI score0.27004EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.63 views

CentOS 8 : nodejs:10 (CESA-2019:2925)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory. - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-5737 - HTTP/2: large amount of data requests leads to denial...

7.8CVSS7.2AI score0.87806EPSS
Exploits1References10
Rows per page
Query Builder