11634 matches found
Exploit for CVE-2024-47176
Quick Start Example usage: python3 cupsscanner.py --targets...
CVE-2024-47764
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...
VICIdial Authenticated Remote Code Execution
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. Module Options msf use...
Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to a remote attacker causing a denial of service, executing arbitrary code, and mapping URLs to filesystem locations due to multiple vulnerabilities.
Summary: IBM HTTP Server powered by Apache for IBM i is vulnerable to a remote attacker causing a denial of service due to NULL pointer dereference (CVE-2024-38477), executing arbitrary code due to an encoding issue in mod_rewrite (CVE-2024-38474), and improper escaping in mod_rewrite resulting in acces...
RHSA-2020:1337 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP2 security update
Bulletin has no description...
RHSA-2024:6927 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP6 security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: mod_jk bug fix update
An update for mod_jk is now available for Red Hat Enterprise Linux 9.4. The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release (JIRA:RHEL-58855). Security fixes: mod_jk:...
ALSA-2024:7457 Moderate: mod_jk bug fix update
The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release (JIRA:AlmaLinux-58855). Security fixes: mod_jk: Information Disclosure / DoS (CVE-2024-46544) JIRA:AlmaLinux-59800...
Moderate: mod_jk bug fix update
The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release (JIRA:AlmaLinux-58855). Security fixes: mod_jk: Information Disclosure / DoS (CVE-2024-46544) JIRA:AlmaLinux-59800...
RHSA-2024:2693 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update
Bulletin has no description...
RHSA-2022:1389 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update
Bulletin has no description...
RHSA-2023:6105 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 security update
Bulletin has no description...
RHSA-2022:8840 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update
Bulletin has no description...
RHSA-2021:4614 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Bulletin has no description...
openSUSE 15 Security Update : coredns (openSUSE-SU-2024:0319-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0319-1 advisory. Update to version 1.11.3: optimize the performance for high qps (6767); bump deps; Fix zone parser error handling (6680); Add alternate option to forwar...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit Generator Created by: tech...
Cisco IOS XE Software HTTP Server Telephony Services DoS (cisco-sa-httpsrvr-dos-yOZThut)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS)...
CVE-2024-20436
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a null pointer dereference when accessin...
RHSA-2024:5239 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update
Bulletin has no description...