5781 matches found
(Pwn2Own) Lexmark MC3224i fax_change_faxtrace_setting Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the fax_change_faxtrace_settings script. The issue results from the lack...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1932)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2023-1901)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location...
EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2023-1932)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location...
CVE-2023-2682
A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component MiniHTTPD. The manipulation of the argument address with the input ;id;uname$IFS-a leads to command injection. The attack...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1847)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1805)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1823)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP10 : httpd (EulerOS-SA-2023-1805)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow an HTTP Request Smuggling attack. Configurations are affect...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1758)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2023-1780)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2023-1758)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1780)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1737)
The remote host is missing an update for the Huawei EulerOS...
Advisory ROSA-SA-2023-2161
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 package_evr_string: httpd-2.4.37-51.rv3.5.src.rpm CVE-ID: CVE-2022-28614 BDU-ID: 2022-04102 CVE-Crit: MEDIUM CVE-DESC: A vulnerability in the ap_rwrite function of the Apache HTTP Server web server is related to integer overflow. Exploitation of the...
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread...
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is documented as vulnerable to an OS Command Injection via the /usr/lib/oui-httpd/rpc/logread endpoint. The affected component is the logread handler in the oui-httpd path; CVSS v3.1 metrics indicate a critical impact (CRITICAL, 9.8) affecting confidentiality, integ...
Advisory ROSA-SA-2023-2159
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 package_evr_string: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the mod_dav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...
Advisory ROSA-SA-2023-2158
Software: httpd 2.4.6 OS: rosa-server79 package_evr_string: 2.4.6-98.7 CVE-ID: CVE-2021-40438 BDU-ID: 2021-04820 CVE-Crit: CRITICAL CVE-DESC: A vulnerability in the mod_proxy module of the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...
Important: Red Hat Security Advisory: httpd and mod_http2 security update
An update for httpd and mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...