CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•8 views

Astra Linux – Vulnerability in Apache2

Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor can the Apache HTTP Server team have created such a report. However, certain compilers and/or compilation options...

7.3CVSS7AI score0.53191EPSS

Exploits0References2

OSV•added 2026/05/02 1:2 a.m.•7 views

CLSA-2026-1777541147 squid34: Fix of 12 CVEs

CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...

9.8CVSS6.7AI score0.74477EPSS

Exploits2References1

CloudLinux•added 2026/05/02 1:2 a.m.•9 views

squid34: Fix of 12 CVEs

9.8CVSS6.7AI score0.74477EPSS

Exploits2

OSV•added 2026/04/30 8:56 a.m.•7 views

CLSA-2026-1777539404 squid34: Fix of 12 CVEs

9.8CVSS6.7AI score0.74477EPSS

Exploits2References1

OSV•added 2026/04/23 6:38 p.m.•6 views

CLSA-2026-1776879277 squid: Fix of 13 CVEs

CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...

9.8CVSS6.8AI score0.74477EPSS

Exploits2References1

Tenable Nessus•added 2025/11/20 12:0 a.m.•9 views

TencentOS Server 3: php:8.0 (TSSA-2023:0257)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0257 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.8AI score0.08003EPSS

Exploits6References7

Microsoft CVE•added 2025/09/03 9:45 p.m.•6 views

An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.

...

5.9CVSS9.2AI score0.00217EPSS

Exploits1

Tenable Nessus•added 2025/08/11 12:0 a.m.•12 views

TencentOS Server 2: httpd (TSSA-2025:0526)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0526 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

9.8CVSS7.7AI score0.69803EPSS

Exploits2References15

Tenable Nessus•added 2025/08/07 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-4772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126. CVE-2024-4772...

5.9CVSS7.4AI score0.00217EPSS

Exploits1References2

OSV•added 2024/03/06 10:56 a.m.•112 views

BIT-APACHE-2020-35452 mod_auth_digest possible stack overflow by one nul byte

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...

7.3CVSS8.1AI score0.53191EPSS

Exploits0References13

SUSE CVE•added 2023/02/15 3:59 a.m.•4 views

SUSE CVE-2020-11945

An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter a short integer. Remote code execution may occur if...

8.8CVSS8.2AI score0.27246EPSS

Exploits0References8

SUSE CVE•added 2023/02/15 3:51 a.m.•4 views

SUSE CVE-2020-35452

8.1CVSS7.1AI score0.53191EPSS

Exploits0References10

CloudLinux•added 2021/10/07 10:12 a.m.•43 views

Fix of CVE: CVE-2020-35452

CVE-2020-35452: fix stack overflow in modauthdigest due to crafted digest nonce...

7.3CVSS2.8AI score0.53191EPSS

Exploits0References1

OSV•added 2021/06/26 11:3 a.m.•3 views

OESA-2021-1246 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflowCVE-2021-26691 Apache HTTP Server versions 2.4.41 to 2.4.46 modproxyhtt...

9.8CVSS7.1AI score0.68067EPSS

Exploits0References5

OSV•added 2021/06/21 3:25 p.m.•9 views

USN-4994-2 apache2 vulnerabilities

USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Antonio Morales discovered that the Apache modauthdigest module incorrectly handled certain Digest nonces. A remote attacker coul...

9.8CVSS7AI score0.68067EPSS

Exploits0References5

OSV•added 2021/06/10 7:15 a.m.•2 views

ALPINE-CVE-2020-35452

7.3CVSS7AI score0.53191EPSS

Exploits0References1

OSV•added 2021/06/10 7:15 a.m.•4 views

DEBIAN-CVE-2020-35452

7.3CVSS7AI score0.53191EPSS

Exploits0References1