EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-2168)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 respons...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2139)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2119)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2193)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2168)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : httpd (EulerOS-SA-2024-2193)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 respons...

CVE-2024-42633

A Command Injection vulnerability exists in the doupgradepost function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges...

TP-LINK RE365 安全漏洞

RE365 is a WiFi range extender from China's TP-LINK. A buffer overflow vulnerability exists in the RE365 V1180213 version of TP-LINK Technologies Ltd. The vulnerability stems from the lack of length validation of the /usr/bin/httpd.USERAGENT field, which can be exploited by an attacker to cause a...

CVE-2024-42815

TP-Link RE365 V1_180213 is affected by CVE-2024-42815 due to a buffer overflow in /usr/bin/httpd arising from insufficient length verification of the USER_AGENT field. This can allow remote attackers to crash the device or execute arbitrary commands. The vulnerability is widely reported across mu...

PT-2024-30084 · Linksys · Linksys E1500

Name of the Vulnerable Software and Affected Versions: Linksys E1500 version 1.0.06.001 Description: A Command Injection vulnerability exists in the do upgrade post function of the httpd binary. As a result, an authenticated attacker can execute OS commands with root privileges. This could...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2024-2119)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP...

CVE-2024-42633

A Command Injection vulnerability exists in the doupgradepost function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges...

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2024-2139)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP...

[SECURITY] Fedora 39 Update: httpd-2.4.62-2.fc39

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Fedora 39 : httpd (2024-e83af0855e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e83af0855e advisory. - Fix regression introduced by CVE-2024-38474 fix ---- - new version 2.4.62 - Fixes CVE-2024-40725 Tenable has extracted the preceding description...

Amazon Linux 2 : httpd (ALAS-2024-2606)

The version of httpd installed on the remote host is prior to 2.4.62-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2606 advisory. A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...

Fedora: Security Advisory (FEDORA-2024-e83af0855e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: httpd (CVE-2024-24795)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24795 advisory. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject maliciou...

CBL Mariner 2.0 Security Update: httpd (CVE-2023-38709)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38709 advisory. - Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to...

CBL Mariner 2.0 Security Update: httpd / mod_http2 (CVE-2024-27316)

The version of httpd / modhttp2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27316 advisory. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to genera...