Lucene search
K

85 matches found

Broadcom
Broadcom
added 2017/01/10 12:0 a.m.7 views

BSA-2017-501

Security Advisory ID : BSA-2017-501 Component : Apache HTTPD Revision : 2.0: Final In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to modauthdigest can cause the server to crash, and each instance continues to crash even for subsequently valid requests...

7.5CVSS7.7AI score0.20952EPSS
Exploits0
OSV
OSV
added 2012/07/25 7:55 p.m.4 views

DEBIAN-CVE-2012-2760

modauthopenid before 0.7 for Apache uses world-readable permissions for /tmp/modauthopenid.db, which allows local users to obtain session ids...

2.1CVSS6.6AI score0.01004EPSS
Exploits5References1
OSV
OSV
added 2011/07/28 6:55 p.m.2 views

DEBIAN-CVE-2011-2688

SQL injection vulnerability in mysql/mysql-auth.pl in the modauthnzexternal module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field...

7.5CVSS8.7AI score0.05659EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/12/21 5:39 p.m.5 views

mod_auth_mysql: character encoding SQL injection flaw

SQL injection vulnerability in modauthmysql.c in the mod-auth-mysql aka libapache2-mod-auth-mysql module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ backslash as part of the character encoding, allows remote attackers to execute arbitrary SQL...

7.5CVSS6.2AI score0.01863EPSS
Exploits1References4
OSV
OSV
added 2007/07/24 12:30 a.m.3 views

DEBIAN-CVE-2007-3946

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.4CVSS6.8AI score0.03422EPSS
Exploits0References1
Rows per page
Query Builder