CVE-2024-41594
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL...
CVE-2024-41594
DrayTek Vigor310 devices up to version 4.3.2.6 are affected by CVE-2024-41594 due to the httpd server seeding the OpenSSL PRNG with a static string. This enables an information-disclosure vector (and related MITM risk) via the Vigor310 management UI. Connected sources provide concrete details: af...
RHEL 7 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - subversion: mod_dav_svn integer overflow when parsing skel-encoded request bodies CVE-2015-5343 - The...
CVE-2023-49007
In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...
CVE-2022-36587
In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...
Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-75822)
Tenda AC9 is a wireless router from Tenda, China. Tenda AC9 V15.03.2.13 is vulnerable to a buffer overflow vulnerability caused by a stack buffer overflow in form_fast_setting_wifi_set in the httpd server. An authenticated local attacker can exploit this vulnerability to cause a denial of service...
CVE-2022-37175
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet...
Stack overflow
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet...
CVE-2022-37175
The CVE-2022-37175 entry concerns Tenda AC15 devices with firmware V15.03.05.18. The httpd server has a stack buffer overflow in /goform/formWifiBasicSet due to boundary handling issues, enabling a potential remote impact. Public records describe this vulnerability as a potential arbitrary-code e...
Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache HTTPD Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ap_escape_html2 function. The issue results from the lack of proper validation of...
CVE-2022-24070
A use-after-free vulnerability was found in Subversion in the mod_dav_svn Apache HTTP server (HTTPd) module. While looking up path-based authorization (authz) rules, multiple calls to the post_config hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...
Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS
Don’t duck at the latest mention of Apache: Two critical bugs in its HTTP web server – HTTPD – need to be patched pronto, lest they lead to attackers triggering denial of service (DoS) or bypassing your security policies. Apache, the open-source software foundation behind the Log4J logging library...
SonicWall Secure Mobile Access Multiple Vulnerabilities (SNWLID-2021-0026)
According to its self-reported version, the remote SonicWall Secure Mobile Access is affected by multiple vulnerabilities, including: - An unauthenticated stack-based buffer overflow due to the SonicWall SMA SSLVPN Apache httpd server GET method of mod_cgi module environment variables use a single...
CVE-2021-20038
A stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...
PT-2021-5651 · Apache +1 · Apache Http Server +6
Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Appliances version 10.2.0.8-37sv SonicWall SMA 100 Appliances version 10.2.1.1-19sv SonicWall SMA 100 Appliances version 10.2.1.2-24sv SonicWall SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19s...
Clustered Data ONTAP Denial of Service Vulnerability
Clustered Data ONTAP is a proprietary operating system used by NetApp for storage disk arrays. A denial-of-service vulnerability exists in Clustered Data ONTAP. An attacker could exploit this vulnerability to cause the httpd server to crash...
CVE-2021-27005
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server...