Lucene search
K

513 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/25 12:0 a.m.59 views

AlmaLinux 9 : httpd (ALSA-2024:4726)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4726 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

9.8CVSS7.6AI score0.99957EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/25 12:0 a.m.44 views

Amazon Linux AMI : httpd24 (ALAS-2024-1944)

The version of httpd24 installed on the remote host is prior to 2.4.61-1.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1944 advisory. Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts...

9.8CVSS8.1AI score0.99957EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2024/07/24 2:5 p.m.36 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated thi...

9.8CVSS7.2AI score0.99957EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/07/24 1:18 p.m.3 views

httpd: Improper escaping of output in mod_rewrite

A flaw was found in the modrewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure...

9.1CVSS7.4AI score0.99957EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/07/24 1:18 p.m.56 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated thi...

9.8CVSS7.2AI score0.99957EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/07/24 12:40 p.m.4 views

httpd: Substitution encoding issue in mod_rewrite

A flaw was found in the modrewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be execut...

9.8CVSS7.1AI score0.02456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/24 12:40 p.m.46 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.99957EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/07/24 12:0 a.m.44 views

openSUSE Security Advisory (SUSE-SU-2024:2597-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.99957EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.42 views

AlmaLinux 8 : httpd:2.4 (ALSA-2024:4720)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4720 advisory. httpd: Encoding problem in modproxy CVE-2024-38473 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: Improper escaping of output in...

9.8CVSS7.6AI score0.99957EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.45 views

RHEL 8 : httpd:2.4 (RHSA-2024:4827)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4827 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...

9.8CVSS8.2AI score0.99957EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.52 views

RHEL 8 : httpd:2.4 (RHSA-2024:4830)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4830 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...

9.8CVSS8.2AI score0.99957EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.41 views

RHEL 8 : httpd:2.4 (RHSA-2024:4820)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4820 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...

9.8CVSS8.2AI score0.99957EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/07/23 1:24 p.m.72 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7AI score0.99957EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2024/07/23 8:59 a.m.1 views

httpd: Substitution encoding issue in mod_rewrite

A flaw was found in the modrewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be execut...

9.8CVSS7.1AI score0.02456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/23 8:59 a.m.54 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.99957EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/07/23 8:57 a.m.550 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.99957EPSS
Exploits2References6
OSV
OSV
added 2024/07/23 7:16 a.m.47 views

BIT-APACHE-2024-40898 Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows

SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...

9.1CVSS7.3AI score0.01536EPSS
Exploits5References4
OSV
OSV
added 2024/07/23 7:4 a.m.43 views

SUSE-SU-2024:2597-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 bsc1227272 - CVE-2024-38475: Fixed improper escaping of output in modrewrite bsc1227268 - CVE-2024-38476: Fixed server may use exploitable/malicious backend application output ...

9.8CVSS7.3AI score0.99957EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2024/07/23 12:0 a.m.44 views

SUSE: Security Advisory (SUSE-SU-2024:2591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.99957EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.266 views

RHEL 8 : httpd:2.4 (RHSA-2024:4720)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4720 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Encoding problem...

9.8CVSS7.7AI score0.99957EPSS
Exploits2References12
Rows per page
Query Builder