Lucene search
+L

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:57 a.m.77 views

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with modrewrite in server/vhost context. By sending a specially crafte...

9.8CVSS9.8AI score0.6795EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.25 views

Azure Linux 3.0 Security Update: httpd (CVE-2024-38472)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...

7.5CVSS6.9AI score0.6795EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.61 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...

9.8CVSS7.5AI score0.99957EPSS
Exploits14References19
GithubExploit
GithubExploit
added 2024/08/03 4:8 p.m.1564 views

Exploit for Server-Side Request Forgery in Apache Http_Server

It is an offensive tool for web applications. The repository app...

7.5CVSS6.9AI score0.6795EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/26 1:13 p.m.80 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server.

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.8CVSS9.1AI score0.99957EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.41 views

Photon OS 4.0: Httpd PHSA-2024-4.0-0651

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0651. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.1CVSS8.3AI score0.99957EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2024/07/20 12:0 a.m.38 views

CBL Mariner 2.0 Security Update: httpd (CVE-2024-38472)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...

7.5CVSS6.9AI score0.6795EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2024/07/19 12:0 a.m.8 views

CVE-2024-38472

...

7.5CVSS8.7AI score0.6795EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2024/07/18 10:7 p.m.96 views

CVE-2024-38472

A flaw was found in httpd on Windows systems. This issue potentially allows NTLM hashes to be leaked to a malicious server via Server-side request forgery SSRF and malicious requests or content...

7.5CVSS8.2AI score0.6795EPSS
Exploits1References4
CVE
CVE
added 2024/07/01 6:12 p.m.865 views

CVE-2024-38472

CVE-2024-38472 : Apache HTTP Server on Windows is vulnerable to server-side request forgery (SSRF) that could leak NTLM hashes to a malicious server via crafted requests, due to improper validation of Windows UNC/UNC paths. The issue is addressed by upgrading to Apache HTTP Server 2.4.60 (as note...

7.5CVSS8.2AI score0.6795EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/07/01 6:12 p.m.194 views

CVE-2024-38472 Apache HTTP Server on WIndows UNC SSRF

SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...

0.6795EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/07/01 12:0 a.m.1818 views

Apache 2.4.x < 2.4.60 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.60. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.60 advisory. - Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash o...

9.8CVSS8.1AI score0.99957EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2024/07/01 12:0 a.m.67 views

Apache HTTP Server < 2.4.60 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

9.8CVSS8.2AI score0.99957EPSS
Exploits3References3
Rows per page
Query Builder