11634 matches found
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1380)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1359)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSGi 3.18 Remote Code Execution
!/usr/bin/python Exploit Title: OSGi v3.8-3.18 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1332)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1310)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSGi v3.8-3.18 Console - Remote Code Execute Exploit
!/usr/bin/python Exploit Title: OSGi v3.8-3.18 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-1273)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-1310)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-1332)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows a malicious HTTP server to set 'super cookies' in curl that are then passed back to more origins than what is otherwise allowed o...
EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-1260)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1260)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1273)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSGi v3.8-3.18 Console - RCE
!/usr/bin/python Exploit Title: OSGi v3.8-3.18 Console RCE Date: 2023-07-28 Exploit Author: Andrzej Olchawa, Milenko Starcik, VisionSpace Technologies GmbH Exploit Repository: https://github.com/visionspacetec/offsec-osgi-exploits.git Vendor Homepage: https://eclipse.dev/equinox Software Link:...
IBM HTTP Server 8.5.0.0 < 8.5.5.26 / 9.0.0.0 < 9.0.5.18 DoS (7129933)
The version of IBM HTTP Server running on the remote host is affected by a denaial of service vulnerability. - libexpat is vulnerable to a denial of service, caused by improper system resource allocation. By sending a specially crafted request using an overly large token, a remote attacker could...
AlmaLinux 9 : curl (ALSA-2024:1129)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1129 advisory. - This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise allowed or possible. This...
Oracle Linux 9 : curl (ELSA-2024-1129)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1129 advisory. 7.76.1-26.el93.3 - cap SFTP packet size sent RHEL-14697 - lowercase the domain names before PSL checks CVE-2023-46218 Tenable has extracted the preceding...
BIT-MOODLE-2021-40694
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...
BIT-PYTHON-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...
BIT-PYTHON-2021-3733
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request with a specially crafted payload that is sen...
BIT-APACHE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE...