Lucene search
K

11646 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 9:26 p.m.57 views

Security Bulletin: IBM Aspera Orchestrator affected by an Apache HTTP Server vulnerability (CVE-2022-28614)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-28614 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an error in the aprwrite function. By reflecting very large...

5.3CVSS7.2AI score0.04428EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 8:49 p.m.95 views

Security Bulletin: IBM Aspera Orchestrator affected by vulnerability ( CVE-2022-31813)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-31813 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by the failure to send the X-Forwarded- headers to the origin...

9.8CVSS9.6AI score0.0314EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 8:39 p.m.47 views

Security Bulletin: IBM Aspera Orchestrator affected by HTTP request splitting attack due to Apache HTTP Server vulnerability (CVE-2021-33193)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-33193 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by improper input validation in HTTP/2 message processing. A remote attacker...

7.5CVSS7.5AI score0.46179EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:43 p.m.77 views

Security Bulletin: IBM Aspera Orchestrator vulnerable to HTTP request smuggling due to an Apache HTTP Server vulnerability (CVE-2022-26377)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-26377 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by an inconsistent Interpretation of HTTP Requests vulnerability in modproxyajp. An...

7.5CVSS8.5AI score0.19008EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:40 p.m.52 views

Security Bulletin: IBM Aspera Orchestrator was vulnerable to denial of service due to an Apache HTTP Server vulnerability (CVE-2021-34798)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-34798 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference in httpd core. By sending a specially crafted request, a...

7.5CVSS8.6AI score0.64509EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:37 p.m.37 views

Security Bulletin: IBM Aspera Orchestrator affected by buffer overflow vulnerability (CVE-2021-39275)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-39275 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the apescapequotes function. By sending specially crafted...

9.8CVSS9.3AI score0.36339EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:35 p.m.59 views

Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-23943)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-23943 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in modsed. By sending special...

9.8CVSS9.8AI score0.50401EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:34 p.m.33 views

Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-28330)

Summary The vulnerability CVE-2022-28330 has been remediated in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-28330 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to read beyond boun...

5.3CVSS6.8AI score0.03398EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:32 p.m.34 views

Security Bulletin: IBM Aspera Orchestrator affected by Apache HTTP Server vulnerability (CVE-2022-30556)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-30556 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an error in modlua with websockets. An attacker could exploi...

7.5CVSS8.4AI score0.04687EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:31 p.m.38 views

Security Bulletin: IBM Aspera Orchestrator affected by denial of service vulnerability (CVE-2021-36160)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-36160 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an out-of-bounds read in modproxyuwsgi. By sending a specially crafted request...

7.5CVSS8.4AI score0.62887EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:29 p.m.56 views

Security Bulletin: IBM Aspera Orchestrator was vulnerable to a denial of service attack due to an Apache HTTP Server vulnerability (CVE-2022-30522)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-30522 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service when configured to do transformations with modsed in contexts where the input to modsed may be...

7.5CVSS8.4AI score0.90407EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:28 p.m.43 views

Security Bulletin: IBM Aspera Orchestrator affected by denial of service vulnerability (CVE-2022-22719)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-22719 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service. By using a specially crafted request body to read a random memory area, a remote attacker could...

7.5CVSS8.5AI score0.69803EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:18 p.m.62 views

Security Bulletin: IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-40438 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in modproxy. By sending a specially crafted request uri-path, a remo...

9CVSS9.1AI score0.99999EPSS
Exploits5Affected Software1
Ubuntu
Ubuntu
added 2023/02/02 1:34 p.m.97 views

USN-5839-2: Apache HTTP Server vulnerability

USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxy module incorrectly truncated certain response headers. This may result in later...

5.3CVSS7.3AI score0.57941EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/02 12:0 a.m.57 views

Ubuntu 16.04 ESM : Apache HTTP Server vulnerability (USN-5839-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5839-2 advisory. USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...

5.3CVSS7.2AI score0.57941EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/02/01 1:9 p.m.171 views

USN-5839-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2006-20001 ZeddYuLu discovered that the Apache HTTP Server modproxyajp...

9CVSS7.1AI score0.57941EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.93 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache HTTP Server vulnerabilities (USN-5839-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5839-1 advisory. It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker...

9CVSS7AI score0.57941EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/02/01 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-5834-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.8AI score0.03546EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/01/31 1:13 p.m.108 views

USN-5834-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module did not properly handle specially crafted request headers. A remote attacker could possibly use this issue to cause the process to crash, leading to a denial of service. CVE-2006-20001 It was discovered that the Apache HTTP Server...

9CVSS7.1AI score0.03546EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.37 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1260)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.99999EPSS
Exploits10References4
Rows per page
Query Builder