11634 matches found
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache HTTP Server vulnerability (USN-6902-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6902-1 advisory. It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibl...
The vulnerability of the Apache HTTP Server web server is related to insufficient checking of incoming requests, which allows attackers to perform SSRF attacks.
The vulnerability of the Apache HTTP Server is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
KLA70466 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities: 1. Security vulnerability in SSRF can be exploited to bypass security restrictions. 2. Security vulnerability ...
PT-2024-4844
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.4.62 Description: The issue is related to a Server-side Request Forgery SSRF vulnerability in the mod rewrite module of the Apache HTTP Server on Windows. This vulnerability can be exploited by a remote...
Apache httpd -- Source code disclosure with handlers configured via AddType
The Apache httpd project reports: source code disclosure with handlers configured via AddType CVE-2024-40725 Important: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar...
Apache 2.4.60 < 2.4.62 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.62 advisory. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...
Exploit for Path Traversal in Apache Http_Server
Installation et Exécution du script 💻 Prérequis Avant de...
Exploit for Path Traversal in Apache Http_Server
Installation et Exécution du script 💻 Prérequis Avant de...
EulerOS 2.0 SP9 : httpd (EulerOS-SA-2024-1936)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.CVE-2023-38709...
Security Bulletin: Multiple vulnerabilities in libcURL affect IBM DevOps Code ClearCase.
Summary libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM DevOps Code ClearCase. CVE-2023-46219, CVE-2023-46218 Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw...
Security Bulletin: Vulnerability with Perl, Snappy, Psf Request, spring-web-5.3.33.jar , Apache HTTP Server, OpenJDK, affect IBM Cloud Object Storage Systems (July 2024v1)
Summary Vulnerability with Perl CVE-2023-47038, Snappy CVE-2024-36124, Psf Request CVE-2024-35195, spring-web-5.3.33.jar CVE-2024-22262 , Apache HTTP Server, CVE-2024-24795, CVE-2023-38709 OpenJDK CVE-2024-21094, CVE-2024-21011, CVE-2024-21085, CVE-2024-21068, CVE-2024-21012,. This vulnerability...
The vulnerability of the WebSocket protocol in the Apache HTTP Server web server allows a attacker to induce a service failure.
The vulnerability of the WebSocket protocol in the Apache HTTP Server is related to the assignment of a null pointer. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
[SECURITY] [DSA 5729-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5729-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 11, 2024 https://www.debian.org/security/faq -...
USN-6885-2: Apache HTTP Server regression
USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow
Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...
RHEL 9 : httpd (RHSA-2024:4504)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4504 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyuwsgi HTTP respon...
Critical Photon OS Security Update - PHSA-2024-5.0-0314
Updates of 'emacs', 'httpd' packages of Photon OS have been released...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache HTTP Server regression (USN-6885-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6885-2 advisory. USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP...
Exploit for Code Injection in Rejetto Http_File_Server
An unauth SSTI in the Rejetto HTTP File Server HFS. Original...
Mageia: Security Advisory (MGASA-2024-0258)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...