Lucene search
+L

57 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3552:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3552:01 advisory. httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request...

8.2CVSS7.8AI score0.82295EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.11 views

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

9.8CVSS8.5AI score0.99999EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.55 views

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

9.8CVSS7.2AI score0.99999EPSS
Exploits31References3
Oracle linux
Oracle linux
added 2024/05/24 12:0 a.m.78 views

httpd:2.4 security update

httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...

7.5CVSS7.5AI score0.99999EPSS
Exploits31
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.88 views

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

9.1AI score0.90407EPSS
Exploits3References21
Rosalinux
Rosalinux
added 2023/04/25 11:49 a.m.74 views

Advisory ROSA-SA-2023-2159

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...

9.8CVSS8.9AI score0.90039EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/03/10 12:0 a.m.64 views

Debian dla-3351 : apache2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3351 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3351-1 [email protected]...

9CVSS7.2AI score0.57941EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2023/03/10 12:0 a.m.33 views

Debian: Security Advisory (DLA-3351-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8AI score0.57941EPSS
Exploits1References4
Debian
Debian
added 2023/03/03 4:35 p.m.47 views

[SECURITY] [DLA 3351-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3351-1 [email protected] https://www.debian.org/lts/security/ Lee Garrett March 03, 2023 https://wiki.debian.org/LTS -...

9CVSS8.8AI score0.57941EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.138 views

K94828628: Apache mod_proxy HTTP/2 vulnerability CVE-2021-33193

Security Advisory Description A crafted method sent through HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. CVE-2021-33193 Impact There is no impact; F5 products are not...

7.5CVSS6.3AI score0.46179EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 8:39 p.m.48 views

Security Bulletin: IBM Aspera Orchestrator affected by HTTP request splitting attack due to Apache HTTP Server vulnerability (CVE-2021-33193)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-33193 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by improper input validation in HTTP/2 message processing. A remote attacker...

7.5CVSS7.5AI score0.46179EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/04 12:13 a.m.65 views

Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-33193 and CVE-2021-44224) affects Power HMC

Summary Apache HTTP webserver is used by IBM Power Hardware Management Console HMC for accepting https request and transfer to and fro to internal applications. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2021-33193 and CVE-2021-44224 by upgrading IBM Power Hardware...

8.2CVSS8.4AI score0.82295EPSS
Exploits1Affected Software2
Oracle linux
Oracle linux
added 2022/11/15 12:0 a.m.85 views

httpd:2.4 security update

httpd 2.4.37-51.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-51 - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd:...

9.8CVSS0.5AI score0.90407EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2022/10/26 8:15 p.m.70 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

9.8CVSS7AI score0.82295EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2022/10/26 8:5 p.m.73 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

9.8CVSS7.6AI score0.82295EPSS
Exploits5References22
RedHat Linux
RedHat Linux
added 2022/09/29 1:33 p.m.90 views

Moderate: Red Hat Security Advisory: httpd24-httpd security and bug fix update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.2AI score0.99999EPSS
Exploits8References17
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.42 views

Ubuntu: Security Advisory (USN-5090-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99999EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.66 views

Oracle Linux 8 : httpd:2.4 (ELSA-2022-1915)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1915 advisory. - Resolves: 2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations Tenable has extracted the...

8.2CVSS7.5AI score0.82295EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.87 views

AlmaLinux 8 : httpd:2.4 (ALSA-2022:1915)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1915 advisory. httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request uri-path...

8.2CVSS7.5AI score0.82295EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.245 views

RHEL 8 : httpd:2.4 (RHSA-2022:1915)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1915 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Request splittin...

8.2CVSS7.6AI score0.82295EPSS
Exploits1References14
Rows per page
Query Builder