4730 matches found
ModSecurity 输入验证错误漏洞
ModSecurity is an open source, cross-platform web application firewall WAF engine from OWASP ModSecurity Open Source. An input validation error vulnerability exists in ModSecurity versions prior to 2.9.8 through 2.9.11, which stems from an empty XML tag that could lead to a segmentation error...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if a list is empty, which could lead to invalid pointer references...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
RHEL 8 : mod_auth_openidc:2.3 (RHSA-2025:10003)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10003 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...
RHEL 9 : mod_auth_openidc (RHSA-2025:10002)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10002 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...
Hostel Management System empty_rooms.php File SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchbox in the file /emptyrooms.php. An attacker can use this vulnerability to...
CVE-2024-51979
An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...
PT-2025-26824 · Qcuda · Qcuda
Name of the Vulnerable Software and Affected Versions: coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e Description: A vulnerability was found in the function qcow make empty of the file qCUDA/qcu-device/block/qcow.c. The manipulation of the argument s-l1 size leads to integer...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
CVE-2025-6296
A vulnerability was found in code-projects Hostel Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /emptyrooms.php. The manipulation of the argument searchbox leads to sql injection. The attack may be launched remotely. The...
CVE-2025-6296
CVE-2025-6296 affects code-projects Hostel Management System 1.0. Multiple sources confirm a SQL injection vulnerability in the file /empty_rooms.php caused by lack of validation of the search_box parameter. The issue can be exploited remotely, potentially exposing or altering database data and a...
CVE-2022-49975
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...
SUSE CVE-2022-49975
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...
SUSE CVE-2025-38077
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in currentpasswordstore If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index...