CVE-2024-34087
This CVE affects BPQ32 6.0.24.1, identifying an SEH-based buffer overflow in the BPQ32 HTTP Server that enables remote code execution via an HTTP POST /TermInput request when an attacker has Web Terminal access. The Red Hat advisory confirms the vulnerability path and impact. Public sources (PT-S...
CVE-2024-34087
An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request...
RHEL 9 : httpd (RHSA-2024:5812)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5812 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via backe...
RHEL 9 : httpd (RHSA-2024:5832)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5832 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via backe...
Exploit for Improper Encoding or Escaping of Output in Apache Http_Server
CVE-2024-38473 Nuclei Template
OESA-2024-2051 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2270)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
httpd security update
An update is available for httpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...
httpd:2.4 security update
An update is available for module.mod_md, module.mod_http2, mod_http2, httpd, mod_md, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The httpd package...
EulerOS 2.0 SP12 : httpd (EulerOS-SA-2024-2215)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend...
EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-2168)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 respons...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2168)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2193)
The remote host is missing an update for the Huawei EulerOS...
Security Bulletin: Multiple vulnerabilities have been identified in IBM HTTP Server used by IBM Rational ClearQuest
Summary: IBM HTTP Server (IHS) is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected...
PT-2024-28431 · Undefined · Undefined
"Source": "CVE FEED", "Title": "CVE-2024-39306 - Apache HTTP Server Cross-Site Scripting Vulnerability", "Content": "CVE ID : CVE-2024-39306 Published : Aug. 19, 2024, 2:15 p.m. | 33 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-39304...
Amazon Linux 2 : httpd (ALAS-2024-2606)
The version of httpd installed on the remote host is prior to 2.4.62-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2606 advisory. A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...
OESA-2024-1985 python-twisted security update
Twisted is an event-based framework for internet applications, supporting Python 2.7 and Python 3.5+. It includes modules for many different purposes, including the following: Security Fixes: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1...
CBL Mariner 2.0 Security Update: httpd (CVE-2024-24795)
The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24795 advisory. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject maliciou...
CVE-2024-42367
A vulnerability was found in aiohttp. Static routes that contain files with compressed variants (.gz or .br extension) were vulnerable to path traversal outside the root directory if those variants were symbolic links. Servers with static routes that contain compressed variants as symbolic links,...
PT-2024-12596 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server (affected versions not specified). Description: The issue concerns an information disclosure problem. No specific details about the issue are available due to the removal of references and descriptions. Recommendations: At the...