Lucene search
K

11650 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.33 views

Rocky Linux 9 : java-1.8.0-openjdk (RLSA-2022:7007)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7007 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are...

5.3CVSS6.1AI score0.02376EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.42 views

Rocky Linux 8 : httpd:2.4 (RLSA-2022:1049)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1049 advisory. - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP...

9.8CVSS8.4AI score0.28189EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.44 views

Fedora 39 : httpd (2023-606f830772)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-606f830772 advisory. New version 2.4.58 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.5CVSS7.4AI score0.02978EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

RHEL 9 : httpd and mod_http2 (RHSA-2023:6403)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6403 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a...

7.5CVSS8.1AI score0.02134EPSS
Exploits0References11
OSV
OSV
added 2023/11/07 12:0 a.m.37 views

ALSA-2023:6403 Moderate: httpd and mod_http2 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.57. BZ2184403 Security Fixes: httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 For more details about th...

7.5CVSS9AI score0.02134EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.33 views

Moderate: libmicrohttpd security update

GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

5.9CVSS7.1AI score0.01243EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.48 views

Moderate: mod_auth_openidc security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.2AI score0.01327EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/06 2:17 p.m.44 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-31122)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

7.5CVSS7.5AI score0.02978EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.33 views

Rocky Linux 9 : python3.9 (RLSA-2022:8353)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8353 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may...

8CVSS7.3AI score0.07017EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.53 views

Rocky Linux 8 : httpd:2.4 (RLSA-2021:3816)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3816 advisory. - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 -...

9.8CVSS7.7AI score0.99999EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.52 views

Rocky Linux 8 : httpd:2.4 (RLSA-2020:4751)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4751 advisory. - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request...

9.1CVSS6.5AI score0.81466EPSS
Exploits6References25
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.37 views

Rocky Linux 8 : httpd:2.4 (RLSA-2021:4257)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4257 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash,...

7.5CVSS6.7AI score0.65067EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.47 views

Rocky Linux 8 : httpd:2.4 (RLSA-2021:1809)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1809 advisory. - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry...

9.8CVSS6.9AI score0.90039EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.41 views

Rocky Linux 8 : httpd:2.4 (RLSA-2022:0891)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0891 advisory. - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. CVE-2021-34798 -...

9.8CVSS8AI score0.64509EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.47 views

Rocky Linux 8 : httpd:2.4 (RLSA-2022:1915)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1915 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this...

8.2CVSS7.5AI score0.82295EPSS
Exploits1References11
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.22 views

Fedora: Security Advisory (FEDORA-2023-606f830772)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.02978EPSS
Exploits0References3
Fedora
Fedora
added 2023/11/03 7:3 p.m.41 views

[SECURITY] Fedora 39 Update: httpd-2.4.58-1.fc39

The Apache HTTP Server is a powerful, efficient, and extensible web server...

7.5CVSS7.2AI score0.02978EPSS
Exploits0
Amazon
Amazon
added 2023/11/03 12:0 a.m.59 views

Important: httpd24

Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...

7.5CVSS6.8AI score0.70595EPSS
Exploits1
OSV
OSV
added 2023/11/02 7:16 a.m.411 views

BIT-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.This has been fixed in...

7.5CVSS6.6AI score0.70595EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.50 views

F5 Networks BIG-IP : Apache HTTP server vulnerability (K000132643)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.3 / 16.1.4.2 / 17.1.1.1. It is, therefore, affected by a vulnerability as referenced in the K000132643 advisory. - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp ...

9CVSS6.9AI score0.01879EPSS
Exploits0References2
Rows per page
Query Builder