5781 matches found

VulnCheck KEV
added 2022/02/22 12:0 a.m., 6 views

VulnCheck KEV: CVE-2017-9788

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the...

9.1 CVSS, 6.7 AI score, 0.5677 EPSS
Exploits: 0, References: 1

Zero Day Initiative
added 2022/02/22 12:0 a.m., 84 views

TP-Link TL-WR940N httpd newBridgessid Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

6.8 CVSS, 3.1 AI score, 0.00724 EPSS
Exploits: 0

Zero Day Initiative
added 2022/02/22 12:0 a.m., 29 views

TP-Link TL-WR940N httpd Improper Access Control Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default...

6.5 CVSS, 0.8 AI score, 0.0058 EPSS
Exploits: 0

OSV
added 2022/02/18 6:15 p.m., 3 views

CVE-2021-20325

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

9.8 CVSS, 6.9 AI score, 0.01569 EPSS
Exploits: 0, References: 1

Prion
added 2022/02/18 6:15 p.m., 45 views

Design/Logic Flaw

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

10 CVSS, 9.3 AI score, 0.99999 EPSS
Exploits: 5, References: 1, Affected Software: 1

UbuntuCve
added 2022/02/18 6:15 p.m., 57 views

CVE-2021-20325

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

10 CVSS, 7.1 AI score, 0.99999 EPSS
Exploits: 5, References: 2

CVE
added 2022/02/18 5:50 p.m., 696 views

CVE-2021-20325

CVE-2021-20325 documents a Red Hat-specific security regression for Apache HTTP Server in Red Hat Enterprise Linux 8.5.0. The issue arises from missing fixes for CVE-2021-40438 and CVE-2021-26691 in the 8.5.0 httpd packages, making new 8.5.0 installations susceptible to those CVEs (while upstream...

10 CVSS, 9.4 AI score, 0.01569 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/02/18 5:50 p.m., 48 views

CVE-2021-20325

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

9.6 AI score, 0.01569 EPSS
Exploits: 0, References: 1

Debian CVE
added 2022/02/18 5:50 p.m., 132 views

CVE-2021-20325

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

10 CVSS, 8.3 AI score, 0.01569 EPSS
Exploits: 0

OpenVAS
added 2022/02/13 12:0 a.m., 48 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1124)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS, 9.2 AI score, 0.99999 EPSS
Exploits: 5, References: 4

Tenable Nessus
added 2022/02/13 12:0 a.m., 62 views

EulerOS Virtualization 3.0.6.6 : httpd (EulerOS-SA-2022-1124)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is...

9.8 CVSS, 7.9 AI score, 0.99999 EPSS
Exploits: 5, References: 7

OpenVAS
added 2022/02/13 12:0 a.m., 31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1069)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS, 7.9 AI score, 0.68067 EPSS
Exploits: 0, References: 2

OpenVAS
added 2022/02/12 12:0 a.m., 35 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1044)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS, 9.2 AI score, 0.99999 EPSS
Exploits: 5, References: 4

Tenable Nessus
added 2022/02/11 12:0 a.m., 51 views

EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2022-1044)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8 CVSS, 7.9 AI score, 0.99999 EPSS
Exploits: 5, References: 5

Zero Day Initiative
added 2022/02/10 12:0 a.m., 42 views

TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack...

8.8 CVSS, 3.9 AI score, 0.01905 EPSS
Exploits: 0

Tenable Nessus
added 2022/02/09 12:0 a.m., 45 views

AlmaLinux 8 : httpd:2.4 (ALSA-2021:4537)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4537 advisory. httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in AlmaLinux (CVE-2021-20325). Tenable has extracted the preceding description block directly from the...

10 CVSS, 7.6 AI score, 0.99999 EPSS
Exploits: 5, References: 2

OSV
added 2022/02/08 3:15 p.m., 2 views

CVE-2021-44864

TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter...

6.5 CVSS, 5.8 AI score, 0.10187 EPSS
Exploits: 1, References: 1

NVD
added 2022/02/08 3:15 p.m., 9 views

CVE-2021-44864

TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter...

6.5 CVSS, 0.10187 EPSS
Exploits: 1, References: 1

Prion
added 2022/02/08 3:15 p.m., 10 views

Buffer overflow

TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter...

4 CVSS, 6.4 AI score, 0.10187 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2022/02/08 2:23 p.m., 17 views

CVE-2021-44864

TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter...

6.6 AI score, 0.10187 EPSS
Exploits: 1, References: 1