11652 matches found

OSV
added 2022/09/29 3:15 a.m. | 17 views

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

4.9 CVSS | 6.6 AI score
Exploits 0 | References 1
UbuntuCve
added 2022/09/29 3:15 a.m. | 36 views

CVE-2021-40694

Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account...

4.9 CVSS | 6.8 AI score | 0.00901 EPSS
Exploits 0 | References 1
IBM Security Bulletins
added 2022/09/26 6:30 p.m. | 63 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about multiple security vulnerabilities CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556 affecting IBM WebSphere...

9.8 CVSS | 8.2 AI score | 0.19008 EPSS
Exploits 2 | Affected Software 1
OpenVAS
added 2022/09/26 12:00 a.m. | 47 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2383)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 8.3 AI score | 0.90407 EPSS
Exploits 2 | References 2
IBM Security Bulletins
added 2022/09/25 11:13 p.m. | 55 views

Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1862 PM87808

Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID: CVE-2013-1862 DESCRIPTION: IBM HTTP Server optional mod_rewrite module does not properly filter terminal escape sequences from logs, which could make it easier for a remot...

5.1 CVSS | 6.7 AI score | 0.24886 EPSS
Exploits 2 | Affected Software 2
IBM Security Bulletins
added 2022/09/25 11:13 p.m. | 34 views

Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211

Abstract Potential Security Exposure with IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 PM85211 DESCRIPTION: The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could...

2.6 CVSS | 6.5 AI score | 0.35584 EPSS
Exploits 1 | Affected Software 2
IBM Security Bulletins
added 2022/09/25 9:06 p.m. | 50 views

Security Bulletin: Potential Security exposure in IBM HTTP Server CVE-2013-1896 PM89996

Abstract Potential Security exposure in IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID: CVE-2013-1896 DESCRIPTION: IBM HTTP Server may be vulnerable to a denial of service, caused by a malicious request when using the optional mod_dav module. CVSS: CVSS Base...

4.3 CVSS | 6.8 AI score | 0.29484 EPSS
Exploits 3 | Affected Software 2
NVD
added 2022/09/23 2:15 p.m. | 19 views

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

3.7 CVSS | 0.01788 EPSS
Exploits 1 | References 8
OSV
added 2022/09/23 2:15 p.m. | 45 views

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

3.7 CVSS | 2.2 AI score | 0.01788 EPSS
Exploits 1 | References 8
OSV
added 2022/09/23 2:15 p.m. | 2 views

ALPINE-CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

3.7 CVSS | 6.9 AI score | 0.01788 EPSS
Exploits 1 | References 1
Prion
added 2022/09/23 2:15 p.m. | 27 views

Design/Logic Flaw

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

2.6 CVSS | 5.6 AI score | 0.01788 EPSS
Exploits 1 | References 8 | Affected Software 3
CNNVD
added 2022/09/23 12:00 a.m. | 8 views

NETGEAR N300 Buffer Error Vulnerability

NETGEAR N300 is a wireless router from NETGEAR. A buffer error vulnerability exists in the NETGEAR N300 wireless router wnr2000v4-V1.0.0.70 version, which stems from susceptibility to uhttpd buffer overflow and a stack overflow vulnerability in strcpy...

9.8 CVSS | 8.6 AI score | 0.00955 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2022/09/23 12:00 a.m. | 47 views

EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2022-2347)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in mod_proxy_ajp of Apache HTTP Server allows an...

9.8 CVSS | 7.8 AI score | 0.90407 EPSS
Exploits 2 | References 9
Cvelist
added 2022/09/23 12:00 a.m. | 34 views

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

5 AI score | 0.01788 EPSS
Exploits 1 | References 8
Tenable Nessus
added 2022/09/23 12:00 a.m. | 56 views

EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2022-2383)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in mod_proxy_ajp of Apache HTTP Server allows an...

9.8 CVSS | 7.8 AI score | 0.90407 EPSS
Exploits 2 | References 9
Debian CVE
added 2022/09/23 12:00 a.m. | 68 views

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...

3.7 CVSS | 6.2 AI score | 0.01788 EPSS
Exploits 1
OpenVAS
added 2022/09/23 12:00 a.m. | 9 views

Ubuntu: Security Advisory (USN-5629-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4 CVSS | 8 AI score | 0.0199 EPSS
Exploits 0 | References 2
IBM Security Bulletins
added 2022/09/22 3:02 a.m. | 25 views

Security Bulletin: A Security Vulnerability Has Been Identified in IBM HTTP Server Shipped With Asset and Service Management (CVE-2014-0963)

Summary IBM HTTP Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

7.1 CVSS | 6.4 AI score | 0.03077 EPSS
Exploits 0 | Affected Software 7
IBM Security Bulletins
added 2022/09/22 3:02 a.m. | 21 views

Security Bulletin: Potential denial of service may affect IBM HTTP Server on Windows (CVE-2015-1829), impacting Asset and Service Management

Summary There is a potential denial of service that may affect IBM HTTP Server on Windows (CVE-2015-1829). To exploit the attack requires local access to the server system. The attack affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for...

5 CVSS | 7.7 AI score | 0.02552 EPSS
Exploits 0 | Affected Software 15
IBM Security Bulletins
added 2022/09/22 3:02 a.m. | 14 views

Security Bulletin: Vulnerability in SSLv3 affects TRIRIGA for Energy Optimization (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in TRIRIGA for Energy Optimization previously known as Intelligent Building Management. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION :...

4.3 CVSS | 3.2 AI score | 0.99999 EPSS
Exploits 7 | Affected Software 1