Lucene search
K

230 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: httpd (CVE-2024-36387)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36387 advisory. - Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference,...

5.4CVSS6.9AI score0.01715EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/02/05 10:13 p.m.9 views

CVE-2012-0883 affecting package httpd for versions less than 2.4.2-1

CVE-2012-0883 affecting package httpd for versions less than 2.4.2-1. A patched version of the package is available...

6.9CVSS6.3AI score0.00946EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.32 views

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2025-1039)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of...

6.2CVSS7.1AI score0.04134EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/12/05 7:50 p.m.8 views

CVE-2024-11148 OpenBSD httpd(8) null dereference

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd8 is vulnerable to a NULL dereference when handling a malformed fastcgi request...

8.7CVSS6.9AI score0.00421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.26 views

RHEL 8 : httpd:2.4 (RHSA-2024:6468)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6468 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

9.8CVSS7.4AI score0.41611EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.29 views

RHEL 8 : httpd:2.4 (RHSA-2024:6467)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6467 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

9.8CVSS7.4AI score0.41611EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/25 11:22 a.m.5 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/11 11:26 a.m.7 views

httpd: Security issues via backend applications whose response headers are malicious or exploitable

A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...

9.8CVSS7.1AI score0.41611EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/23 8:57 a.m.3 views

httpd: Potential SSRF in mod_rewrite

A flaw was found in the modrewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the modproxy module...

7.5CVSS7AI score0.35447EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.26 views

Slackware Linux 15.0 / current httpd Vulnerability (SSA:2024-185-02)

The version of httpd installed on the remote host is prior to 2.4.61. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-185-02 advisory. New httpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

6.2CVSS6.9AI score0.00889EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 7:15 p.m.6 views

AZL-43089 CVE-2024-36387 affecting package httpd for versions less than 2.4.61-1

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...

5.4CVSS6.4AI score0.01715EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 3:16 a.m.2 views

CVE-2023-50199

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS5.9AI score0.00696EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.6 views

D-Link G416 安全漏洞

D-Link G416 is the AX1500 4G+ Smart Router launched by AUO in June 2025 , which supports Wi-Fi 6, AI Smart Optimization and 4G LTE Cat 6 network with up to 300Mbps internet speed. The D-Link G416 suffers from an authentication vulnerability that stems from a lack of authentication in the httpd...

8.8CVSS8.7AI score0.00696EPSS
Exploits0References3
OSV
OSV
added 2024/04/04 8:15 p.m.4 views

AZL-40001 CVE-2024-27316 affecting package httpd for versions less than 2.4.61-1

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion...

7.5CVSS6.8AI score0.91327EPSS
Exploits2References1
OSV
OSV
added 2024/01/15 4:15 a.m.7 views

CVE-2024-0538

A vulnerability has been found in Tenda W9 1.0.0.74456 and classified as critical. This vulnerability affects the function formQosManageauto of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

9.8CVSS6.3AI score0.01399EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/14 12:0 a.m.6 views

PT-2024-1454 · Tenda · Tenda W9

Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 Description: A critical vulnerability has been found in the function formQosManage auto of the httpd component. The manipulation of the argument ssidIndex leads to a stack-based buffer overflow. This issue can be...

10CVSS7.8AI score0.01399EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/11/24 12:0 a.m.5 views

The vulnerability of the httpd microprogramming system in TP-Link TL-WR902AC Wi-Fi routers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the httpd microprogramming system in TP-Link Wi-Fi routers like the TL-WR902AC is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.5CVSS6.5AI score0.00588EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.10 views

PT-2023-7097 · Tp Link · Tp-Link Tl-Wr902Ac

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR902AC affected versions not specified Description: The issue is related to inadequate access control in the httpd service of TP-Link TL-WR902AC Wi-Fi routers. This allows a remote attacker to gain unauthorized access to protected...

6.5CVSS6.7AI score0.00588EPSS
Exploits0References8
Prion
Prion
added 2023/10/11 4:15 p.m.26 views

Stack overflow

A stack-based buffer overflow vulnerability exists in the httpd managerequest functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...

7.5CVSS9.5AI score0.00773EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/31 5:15 a.m.21 views

Design/Logic Flaw

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition...

5CVSS7.5AI score0.00615EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder