EulerOS 2.0 SP5 : httpd (EulerOS-SA-2021-2333)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2333)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important Photon OS Security Update - PHSA-2021-0427

Updates of 'curl', 'mysql' packages of Photon OS have been released...

Null Pointer Dereference Vulnerability in Multiple D-Link Products (CNVD-2021-94840)

The D-Link DAP-2310 is a single-band wireless network access point for small businesses or schools that need a fast and reliable wireless network.The D-Link DAP-2330 is a wireless N300 single-band PoE access point. A null pointer dereference vulnerability exists in multiple D-Link products, which...

CVE-2021-33193

A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. Mitigation This flaw can be mitigated by disabling HTTP/2. More information available at:...

Null pointer dereference

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the uploadcertificate function of sbin/httpd...

Null pointer dereference

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens a...

CVE-2021-28840

CVE-2021-28840 targets multiple D-Link DAP access points (DAP-2310, -2330, -2360, -2553, -2660, -2690, -2695, -3320, -3662). The root cause is a NULL pointer dereference in the upload_config function of sbin/httpd: when handling a specific HTTP GET, upload_file is NULL and strncasecmp is called w...

CVE-2021-28838

CVE-2021-28838 describes a null pointer dereference in the sbin/httpd binary affecting multiple D-Link devices (DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2660, DAP-2690, DAP-2695, DAP-3320, DAP-3662). The crash is triggered when a specific network packet is sent to httpd, occurring at an atoi o...

CVE-2021-28838

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens a...

D-Link DAP-2310和DAP-2330 代码问题漏洞

The D-Link DAP-2310 is a single-band wireless network access point for small businesses or schools that need a fast and reliable wireless network.The D-Link DAP-2330 is a wireless N300 single-band PoE access point. A null pointer dereference vulnerability exists in multiple D-Link products, which...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-2298)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-6482 CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, there is an XSS vulnerability in when using OIDCPreservePost ...

AZL-6481 CVE-2021-32791 affecting package httpd for versions less than 2.4.52-1

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, the AES GCM encryption in modauthopenidc uses a static IV and...

Medium: httpd24

Issue Overview: A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections. CVE-2019-17567 A flaw was found in HTTPd. In some Apache HTTP Server versions, unprivileged local users can stop HTTPd on Windows. The highest threat from this vulnerability is to syste...

CVE-2021-26691 affecting package httpd 2.4.46-6

CVE-2021-26691 affecting package httpd 2.4.46-6. A patched version of the package is available...

CVE-2020-11993 affecting package httpd 2.4.43-

CVE-2020-11993 affecting package httpd 2.4.43-. An upgraded version of the package is available that resolves this issue...

CVE-2021-26690 affecting package httpd 2.4.46-6

CVE-2021-26690 affecting package httpd 2.4.46-6. A patched version of the package is available...

CVE-2020-35452 affecting package httpd 2.4.46-6

CVE-2020-35452 affecting package httpd 2.4.46-6. A patched version of the package is available...

CVE-2020-13950 affecting package httpd 2.4.46-6

CVE-2020-13950 affecting package httpd 2.4.46-6. A patched version of the package is available...