11634 matches found
Moderate: Red Hat Security Advisory: mod_auth_openidc security and bug fix update
An update for modauthopenidc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: libmicrohttpd security update
An update for libmicrohttpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
httpd: mod_proxy_uwsgi HTTP response splitting
An HTTP Response Smuggling vulnerability was found in the Apache HTTP Server via modproxyuwsgi. This security issue occurs when special characters in the origin response header can truncate or split the response forwarded to the client...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
Buffer overflow
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
Design/Logic Flaw
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
[SECURITY] Fedora 37 Update: httpd-2.4.58-1.fc37
The Apache HTTP Server is a powerful, efficient, and extensible web server...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
ALSA-2023:6566 Moderate: libmicrohttpd security update
GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
ALSA-2023:6365 Moderate: mod_auth_openidc security and bug fix update
The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
CVE-2023-43886
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory...
RHEL 9 : skopeo (RHSA-2023:6363)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6363 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...
CVE-2023-43885
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device...
CVE-2023-43885
CVE-2023-43885 affects the Tenda RX9 Pro router (Firmware V22.03.02.20) through the HTTP server component. The root cause is missing error handling in the HTTP server, enabling authenticated attackers to arbitrarily lock the device. The vulnerability is assessed with a CVSSv3.1 base score of 8.1 ...