11652 matches found
CVE-2021-40694
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...
CVE-2021-40694
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.
Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about multiple security vulnerabilitiesCVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556 affecting IBM WebSphere...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2383)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1862 PM87808
Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1862 DESCRIPTION: IBM HTTP Server optional modrewrite module does not properly filter terminal escape sequences from logs, which could make it easier for a remot...
Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211
Abstract Potential Security Exposure with IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-0169 PM85211 DESCRIPTION: The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could...
Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1896 PM89996
Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1896 DESCRIPTION: IBM HTTP Server may be vulnerable to a denial of service, caused by a malicious request when using the optional moddav module. CVSS: CVSS Base...
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
ALPINE-CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
Design/Logic Flaw
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
NETGEAR N300 缓冲区错误漏洞
NETGEAR N300 is a wireless router from NETGEAR. A buffer error vulnerability exists in the NETGEAR N300 wireless router wnr2000v4-V1.0.0.70 version, which stems from susceptibility to uhttpd buffer overflow and a stack overflow vulnerability in strcpy...
EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2022-2347)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2022-2383)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an...
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...
Ubuntu: Security Advisory (USN-5629-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: A Security Vulnerability Has Been Identified in IBM HTTP Server Shipped With Asset and Service Management (CVE-2014-0963)
Summary IBM HTTP Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...
Security Bulletin: Potential denial of service may affect IBM HTTP Server on Windows (CVE-2015-1829), impacting Asset and Service Management
Summary There is a potential denial of service that may affect IBM HTTP Server on Windows CVE-2015-1829. To exploit the attack requires local access to the server system. The attack affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for...
Security Bulletin: Vulnerability in SSLv3 affects TRIRIGA for Energy Optimization (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in TRIRIGA for Energy Optimization previously known as Intelligent Building Management. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION :...