Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3245)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in httpd (CVE-2023-25690) affects Power HMC

Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-25690 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by an error when modproxy is enabled along with some form of...

PT-2023-9008 · Tp Link · Eap225 V3

Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Description: A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality. This issue can be triggered by a...

CVE-2023-49007

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...

CVE-2023-49007

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...

Stack overflow

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...

CVE-2023-49007

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...

CLSA-2023-1701706552 httpd: Fix of 2 CVEs

CVE-2023-27522: modproxyuwsgi: HTTP response splitting - CVE-2023-31122: modmacro: fix out-of-bounds read vulnerability by using own strncmp function...

The vulnerability of the httpd microprogramming system in TP-Link TL-WR902AC Wi-Fi routers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the httpd microprogramming system in TP-Link Wi-Fi routers like the TL-WR902AC is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

PT-2023-9787 · Openbsd · Openbsd +1

Name of the Vulnerable Software and Affected Versions: OpenBSD versions 7.3 through 7.4 before errata 006 and 7.3 before errata 020 OpenBSD version 7.3 before errata 020 Description: The issue is related to a NULL dereference when handling a malformed fastcgi request in the httpd8 service. This c...

CVE-2023-38823

Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd...

Buffer overflow

Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd...

Security breaches in a number of Tenda products

Tenda AC9 and others are products of Tenda, a Chinese company.Tenda AC9 is a wireless router.Tenda AC6 is a wireless router.Tenda AC18 is a router.Tenda AC18 is a router.Tenda AC18 is a router.Tenda AC18 is a router.Tenda AC18 is a router.Tenda AC18 is a router. A security vulnerability exists in...

CVE-2023-38823

Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd...

PT-2023-7097 · Tp Link · Tp-Link Tl-Wr902Ac

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR902AC affected versions not specified Description: The issue is related to inadequate access control in the httpd service of TP-Link TL-WR902AC Wi-Fi routers. This allows a remote attacker to gain unauthorized access to protected...

TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR902AC routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default...

Important: httpd

Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...

httpd and mod_http2 security, bug fix, and enhancement update

httpd 2.4.57-5.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-5 - Fix issue found by covscan - Related: 2222001 2.4.57-4 - Resolves: 2217726 - Make PROPFIND tolerant of deletion race 2.4.57-3 - Resolves: 2222001 - modstatus lists BusyWorkers IdleWorkers keys twice...

CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1

CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45802 affecting package httpd for versions less than 2.4.58-1

CVE-2023-45802 affecting package httpd for versions less than 2.4.58-1. An upgraded version of the package is available that resolves this issue...