CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2023/06/05 12:30 p.m.•3 views

httpd: mod_dav: out-of-bounds read/write of zero byte

A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service...

7.5CVSS7.1AI score0.00468EPSS

RedHat Linux•added 2023/06/05 11:46 a.m.•3 views

httpd: mod_dav: out-of-bounds read/write of zero byte

7.5CVSS7.1AI score0.00468EPSS

Tenable Nessus•added 2023/06/05 12:0 a.m.•50 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 (RHSA-2023:3354)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3354 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

9.8CVSS7.6AI score0.88334EPSS

Exploits11References30

Rosalinux•added 2023/04/25 11:49 a.m.•45 views

Advisory ROSA-SA-2023-2159

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: 2.4.37 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries. Exploitation of the...

9.8CVSS8.9AI score0.7629EPSS

Exploits3

Rockylinux•added 2023/04/06 3:53 p.m.•67 views

httpd security and bug fix update

An update is available for httpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

OSV•added 2023/04/06 3:53 p.m.•45 views

RLSA-2023:0970 Moderate: httpd security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: moddav: out-of-bounds read/write of zero byte CVE-2006-20001 httpd: modproxyajp: Possible request smuggling CVE-2022-36760 httpd: modproxy: HTTP response splitting...

7.5CVSS7.8AI score0.00539EPSS

Exploits0References4

IBM Security Bulletins•added 2023/03/31 4:41 p.m.•65 views

Security Bulletin: Vulnerability in Apache HTTP Server affect Cloud Pak System (CVE-2006-20001)

Summary Denial of service vulnerability in moddav module of Apache HTTP Server affects Cloud Pak System. Vulnerability Details CVEID:CVE-2006-20001 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an out-of-bounds read or write of zero in moddav. By sending a...

7.5CVSS8.3AI score0.00468EPSS

Exploits0Affected Software1

CloudLinux•added 2023/03/06 9:6 p.m.•51 views

httpd: Fix of CVE-2006-20001

CVE-2006-20001: moddav: out-of-bounds read/write...

7.5CVSS8.5AI score0.00468EPSS

RedHat Linux•added 2023/02/28 8:28 a.m.•98 views

Moderate: Red Hat Security Advisory: httpd security and bug fix update

An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9CVSS6.7AI score0.00539EPSS

Exploits0References4

OSV•added 2023/02/28 12:0 a.m.•43 views

ALSA-2023:0970 Moderate: httpd security and bug fix update

9CVSS7.8AI score0.00539EPSS

Exploits0References8

AlmaLinux•added 2023/02/28 12:0 a.m.•67 views

Moderate: httpd security and bug fix update

Oracle linux•added 2023/02/28 12:0 a.m.•77 views

Exploits0References8

httpd security and bug fix update

2.4.53-7.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.1 - Resolves: 2165975 - prevent sscg creating /dhparams.pem - Resolves: 2165970 - CVE-2006-20001 httpd: moddav: out-of-bounds read/write of zero byte - Resolves: 2165973 - CVE-2022-37436 httpd: modproxy: HTTP...

Rockylinux•added 2023/02/22 1:8 a.m.•62 views

httpd:2.4 security and bug fix update

An update is available for modhttp2, modmd, httpd, module.httpd, module.modmd, module.modhttp2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

9CVSS7.7AI score0.00539EPSS

OSV•added 2023/02/22 1:8 a.m.•47 views

RLSA-2023:0852 Moderate: httpd:2.4 security and bug fix update

7.5CVSS7.8AI score0.00539EPSS

Oracle linux•added 2023/02/22 12:0 a.m.•65 views

httpd:2.4 security and bug fix update

httpd 2.4.37-51.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-51.1 - Resolves: 2165967 - prevent sscg creating /dhparams.pem - Resolves: 2165976 - CVE-2006-20001 httpd: moddav: out-of-bounds read/write of zero...

F5 Networks•added 2023/02/21 7:8 p.m.•28 views

K15300: Apache HTTP Server mod_dav DoS vulnerability CVE-2013-6438

Security Advisory Description The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE...

5CVSS7.2AI score0.39561EPSS

Exploits2Affected Software19

RedHat Linux•added 2023/02/21 9:35 a.m.•2 views

httpd: mod_dav: out-of-bounds read/write of zero byte

7.5CVSS7.1AI score0.00468EPSS

RedHat Linux•added 2023/02/21 9:35 a.m.•166 views

Moderate: Red Hat Security Advisory: httpd:2.4 security and bug fix update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9CVSS6.7AI score0.00539EPSS