11647 matches found
The vulnerability of the HTTP server software implementation in HAProxy arises from insufficient input validation, allowing attackers to compromise data integrity.
The vulnerability of the HTTP server software of HAProxy is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...
Oracle HTTP Server (Jan 2023 CPU)
The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the Jan 2023 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Centralized Thirdparty Jars Expat. The supported version tha...
CVE-2022-3918
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...
CVE-2022-3918
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...
Crlf injection
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...
CVE-2022-3918
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...
CVE-2022-3918
CVE-2022-3918 involves Swift’s FoundationNetworking (swift-corelibs-foundation). A CRLF injection flaw in URLRequest headers allows a client to insert CRLF sequences into a header value, which may cause the server to parse extra headers or a second request when sent via URLSession. The vulnerabil...
Oracle Enterprise Manager Ops Center UCE Patches (Oct 2021 CPU)
The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking Apache HTTP...
openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2022:2139-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2139-1 advisory. - clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP server...
Oracle Enterprise Manager Ops Center UCE Patches (Jan 2023 CPU)
The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a vulnerability as referenced in the January 2023 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Update Provisioning Apache HTTP...
CVE-2006-20001
A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. Mitigation Disabling moddav and restarting httpd will mitigate this flaw...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in Fusion Middleware products, including WebLogic Server and HTTP Server. A unauthenticated malicious person could potentially exploit them to execute arbitrary code. To do so, it would need to malicious network traffic should be sent to the vulnerable system. sen...
Vulnerabilities fixed in Apache web server
Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Apache has released updates to fix the...
FreeBSD : Apache httpd -- Multiple vulnerabilities (00919005-96a3-11ed-86e9-d4c9ef517024)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 00919005-96a3-11ed-86e9-d4c9ef517024 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero...
Apache HTTP Server < 2.4.55 Multiple Vulnerabilities - Linux
Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...
Apache 2.4.x < 2.4.55 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.55. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.55 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory locatio...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current httpd Multiple Vulnerabilities (SSA:2023-018-02)
The version of httpd installed on the remote host is prior to 2.4.55. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-018-02 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory...
Apache HTTP Server < 2.4.55 Multiple Vulnerabilities - Windows
Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...
CVE-2022-36760
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...
CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...