Lucene search
K

87 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

9.8CVSS8.5AI score0.99999EPSS
Exploits8References17
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/23 5:40 p.m.45 views

Security Bulletin: IBM Aspera Console 3.4.2 PL7 has addressed multiple vulnerabilities (CVE-2022-37436, CVE-2021-34798)

Summary This Security Bulletin addresses security vulnerabilities that have been remediated CVE-2022-37436, CVE-2021-34798 in IBM Aspera Console 3.4.2 PL7. Vulnerability Details CVEID:CVE-2022-37436 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP response splitting attacks, caused by the us...

7.5CVSS8.7AI score0.64509EPSS
Exploits0Affected Software1
Rosalinux
Rosalinux
added 2023/04/25 11:49 a.m.73 views

Advisory ROSA-SA-2023-2159

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...

9.8CVSS8.9AI score0.90039EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.66 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2023-0011)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 ...

9.8CVSS8.3AI score0.99999EPSS
Exploits9References13
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.144 views

K72382141: Apache HTTPD vulnerability CVE-2021-34798

Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-34798 Impact A NULL pointer dereference in httpd allows an unauthenticated remote attacker to cause httpd to terminate by providi...

7.5CVSS7.9AI score0.64509EPSS
Exploits0Affected Software15
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:40 p.m.52 views

Security Bulletin: IBM Aspera Orchestrator was vulnerable to denial of service due to an Apache HTTP Server vulnerability (CVE-2021-34798)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-34798 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference in httpd core. By sending a specially crafted request, a...

7.5CVSS8.6AI score0.64509EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.50 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1074)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99999EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2022/09/29 1:33 p.m.89 views

Moderate: Red Hat Security Advisory: httpd24-httpd security and bug fix update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.2AI score0.99999EPSS
Exploits8References17
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.42 views

Ubuntu: Security Advisory (USN-5090-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99999EPSS
Exploits6References5
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.46 views

Ubuntu: Security Advisory (USN-5090-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.99999EPSS
Exploits5References4
ICS
ICS
added 2022/06/14 12:0 a.m.286 views

Siemens Apache HTTP Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Apache HTTP Server Vulnerabilities: NULL Pointer Dereference, Out-of-bounds Write, Server-side Request Forgery SSRF 2. UPDATE INFORMATION This updated advisory is a follow-up to the...

9.8CVSS9.7AI score0.99999EPSS
Exploits5References11
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/30 11:54 a.m.56 views

Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-34798 and CVE-2021-39275) affects Power HMC

Summary Apache HTTP webserver is used by IBM Power Hardware Management Console HMC for accepting https request and transfer to and fro to internal applications. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2021-34798 and CVE-2021-39275 by upgrading IBM Power Hardware...

9.8CVSS0.4AI score0.64509EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.63 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2022-0021)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 ...

9.8CVSS8.2AI score0.97108EPSS
Exploits4References9
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.35 views

Slackware: Security Advisory (SSA:2021-259-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99999EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.60 views

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-1399)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS7.9AI score0.99999EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.54 views

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-1373)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS7.9AI score0.99999EPSS
Exploits5References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/15 4:37 a.m.66 views

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities (CVE-2021-40438, CVE-2021-34798)

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Core XPU: Vulnerability Details CVEID: CVE-2021-40438 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in modproxy. By sending a specially crafted request...

9CVSS1.1AI score0.99999EPSS
Exploits5Affected Software1
OpenVAS
OpenVAS
added 2022/04/13 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1373)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.99999EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2022/04/13 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1399)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.99999EPSS
Exploits5References4
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.33 views

CVE-2021-34798 affecting package httpd for versions less than 2.4.52-1

CVE-2021-34798 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS9.1AI score0.64509EPSS
Exploits0
Rows per page
Query Builder