Lucene search
K

113 matches found

Fedora
Fedora
added 2018/10/19 3:51 p.m.34 views

[SECURITY] Fedora 27 Update: mod_http2-1.11.1-1.fc27

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

5.9CVSS1.9AI score0.51002EPSS
Exploits0
Fedora
Fedora
added 2018/10/15 10:47 a.m.43 views

[SECURITY] Fedora 28 Update: mod_http2-1.11.1-1.fc28

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

5.9CVSS1.9AI score0.51002EPSS
Exploits0
Fedora
Fedora
added 2018/04/05 11:58 p.m.32 views

[SECURITY] Fedora 27 Update: mod_http2-1.10.16-1.fc27

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

5.9CVSS1.9AI score0.13436EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/01 12:0 a.m.34 views

Amazon Linux AMI : mod_dav_svn / subversion (ALAS-2016-676)

It was found that when an SVN server both svnserve and httpd with the moddavsvn module searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable for example, if it had been moved. CVE-2015-3187 An integer overflow wa...

9CVSS7.5AI score0.57037EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/09/08 1:9 p.m.45 views

Moderate: Red Hat Security Advisory: subversion security update

Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS6.8AI score0.12841EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2015/08/24 6:25 p.m.7 views

httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4

It was discovered that in httpd 2.4, the internal API function apsomeauthrequired could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied...

4.3CVSS6.7AI score0.18795EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/08/18 12:0 a.m.36 views

Amazon Linux AMI : httpd24 (ALAS-2015-579)

It was discovered that in httpd 2.4, the internal API function apsomeauthrequired could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. CVE-2015-3185...

5CVSS6.3AI score0.73327EPSS
Exploits0References5
Amazon
Amazon
added 2015/08/17 12:0 a.m.67 views

Medium: httpd24

Issue Overview: It was discovered that in httpd 2.4, the internal API function apsomeauthrequired could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied...

5CVSS7.1AI score0.73327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/08/13 12:0 a.m.26 views

Debian DSA-3331-1 : subversion - security update

Several security issues have been found in the server components of the version control system subversion. - CVE-2015-3184 Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that...

5CVSS7AI score0.10607EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2015/05/12 5:5 p.m.51 views

Security update for php5 (important)

PHP was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 CVE-2015-3329: Specially crafted PHAR data could lead to...

7.5CVSS1.1AI score0.38434EPSS
Exploits3References4
Mageia
Mageia
added 2014/08/05 8:8 p.m.51 views

Updated ocsinventory packages fix security vulnerability

Multiple cross-site scripting XSS vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors CVE-2014-4722. Also, the web interface has been fixed to work with Apache HTTPD 2.4...

4.3CVSS5.8AI score0.02347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/07 12:0 a.m.20 views

Fedora 17 : BackupPC-3.2.1-10.fc17 (2012-20968)

cleanup build macros for Fedora - fix deprecated qw messages partial fix for bz 755076 - CVE-2011-5081 BackupPC: XSS flaw in RestoreFile.pm bz 795017, 795018, 795019 - Broken configuration for httpd 2.4 bz 871353 Note that Tenable Network Security has extracted the preceding description block...

4.3CVSS5.3AI score0.02067EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2012/11/26 12:0 a.m.21 views

Fedora 18 : awstats-7.0-11.fc18 (2012-18364)

added more hardening in parsing input data and adjusted awstats.conf for httpd-2.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

4.3CVSS5.4AI score0.05796EPSS
Exploits1References3
Rows per page
Query Builder