5773 matches found
CVE-2024-45413
The CVE-2024-45413 issue affects the HTTPD binary in multiple ZTE routers. A stack-based buffer overflow in rsa_decrypt, an API wrapper for LUA used to decrypt RSA ciphertext, stores decrypted data on the stack without length checks. This allows an authenticated attacker to achieve remote code ex...
CVE-2024-45415
The CVE-2024-45415 issue affects multiple ZTE routers running HTTPD. A stack-based buffer overflow in check_data_integrity, which validates the checksum of POST data, allows an unauthenticated attacker to achieve root RCE by triggering improper handling of the decrypted, unchecked checksum on the...
CVE-2024-45415
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in checkdataintegrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksu...
CVE-2024-45416
CVE-2024-45416 affects the HTTPD binary in multiple ZTE routers. A local file inclusion flaw exists in session_init: session files stored in /var/lua_session are enumerated and executed via dofile without validating whether each file is a valid session file. An attacker able to place a malicious ...
RHSA-2014:0783 Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 httpd security and bug fix update
Bulletin has no description...
RHSA-2014:0826 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2 httpd security update
Bulletin has no description...
RHSA-2014:0370 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2014:0369 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2013:1156 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2013:1133 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2013:0815 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2013:0130 Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2013:0512 Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2012:0323 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2012:0128 Red Hat Security Advisory: httpd security update
Bulletin has no description...
RHSA-2012:0542 Red Hat Security Advisory: httpd security and bug fix update
Bulletin has no description...
RHSA-2011:1392 Red Hat Security Advisory: httpd security and bug fix update
Bulletin has no description...
RHSA-2011:1391 Red Hat Security Advisory: httpd security and bug fix update
Bulletin has no description...
RHSA-2010:0659 Red Hat Security Advisory: httpd security and bug fix update
Bulletin has no description...
RHSA-2010:0396 Red Hat Security Advisory: httpd and httpd22 security and enhancement update
Bulletin has no description...