K000140505: Apache HTTPD vulnerability CVE-2024-38473

Security Advisory Description Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixe...

Vivotek SD9364 安全漏洞

Vivotek SD9364 is a high-speed camera from China VIVOTEK Communications Vivotek. A security vulnerability exists in Vivotek SD9364 VVTK-0103f, which originates from the parameter Content-Llong of the component httpd that can cause a stack-based buffer overflow...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 7 : httpd (RHSA-2024:4938)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4938 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...

CVE-2024-33365

Buffer Overflow vulnerability in Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn allows a remote attacker to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...

Tenda AC10 安全漏洞

Tenda AC10 is a wireless router from Tenda China. A security vulnerability exists in the Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn version. A remote attacker can exploit this vulnerability to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...

CVE-2024-33365

CVE-2024-33365 describes a buffer overflow in the Tenda AC10, version US_AC10V4.0si_V16.03.10.20_cn, where the remote attacker can execute arbitrary code through the bin/httpd component’s Virtual_Data_Check function. Root cause: overflow in that function. Impact: allows remote code execution with...

CVE-2024-33365

Buffer Overflow vulnerability in Tenda AC10 v4 USAC10V4.0siV16.03.10.20cn allows a remote attacker to execute arbitrary code via the VirtualDataCheck function in the bin/httpd component...

[SECURITY] Fedora 39 Update: mod_http2-2.0.29-1.fc39

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

[SECURITY] Fedora 40 Update: mod_http2-2.0.29-1.fc40

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

CBL Mariner 2.0 Security Update: httpd (CVE-2024-40725)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40725 advisory. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy...

Photon OS 3.0: Httpd PHSA-2024-3.0-0774

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0774. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: httpd (CVE-2024-40898)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40898 advisory. - SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTM...

CVE-2024-40725 affecting package httpd for versions less than 2.4.62-1

CVE-2024-40725 affecting package httpd for versions less than 2.4.62-1. An upgraded version of the package is available that resolves this issue...

RLSA-2024:4726 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer dereference in modproxy...

httpd security update

An update is available for httpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

Photon OS 4.0: Httpd PHSA-2024-4.0-0659

An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0659. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Rocky Linux 9 : httpd (RLSA-2024:4726)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4726 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

Moderate Photon OS Security Update - PHSA-2024-3.0-0774

Updates of 'httpd' packages of Photon OS have been released...