Lucene search
K

142 matches found

Tenable Nessus
Tenable Nessus
added 2022/01/18 12:0 a.m.48 views

Scientific Linux Security Update : httpd on SL7.x x86_64 (2022:0143)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0143-1 advisory. - httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 - httpd: modsession: Heap overflow via a crafted...

9.8CVSS8.2AI score0.97108EPSS
Exploits4References5
Oracle linux
Oracle linux
added 2022/01/18 12:0 a.m.77 views

httpd security update

2.4.6-97.0.5.4 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.4 - Resolves: 2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: 2031074 - CVE-2021-39275 httpd:...

9.8CVSS2.7AI score0.97108EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2022/01/17 9:10 a.m.241 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.4AI score0.97108EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/01/17 12:0 a.m.105 views

RHEL 7 : httpd (RHSA-2022:0143)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0143 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible...

9.8CVSS8.3AI score0.97108EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2022/01/06 12:0 a.m.55 views

EulerOS Virtualization 3.0.2.6 : httpd (EulerOS-SA-2021-2878)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

9.8CVSS7.6AI score0.68067EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.53 views

EulerOS Virtualization 3.0.2.0 : httpd (EulerOS-SA-2021-2832)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

9.8CVSS7.9AI score0.99999EPSS
Exploits5References7
Oracle linux
Oracle linux
added 2021/11/18 12:0 a.m.118 views

httpd:2.4 security update

httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...

10CVSS9.2AI score0.99999EPSS
Exploits7
Cent OS
Cent OS
added 2021/11/17 2:59 p.m.1032 views

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

CentOS Errata and Security Advisory CESA-2021:3856 An update for httpd is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat...

9CVSS6.9AI score0.99999EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.312 views

EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2021-2779)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

9.8CVSS7.3AI score0.68067EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2021/11/11 12:0 a.m.57 views

httpd:2.4 security update

httpd 2.4.37-39.0.2.1 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690...

7.5CVSS8.9AI score0.65067EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.84 views

CentOS 8 : httpd:2.4 (CESA-2021:4257)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4257 advisory. - httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 - httpd: Unexpected URL matching with 'MergeSlashes OFF'...

7.5CVSS6.7AI score0.65067EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/11/10 5:20 p.m.2 views

httpd: mod_session: Heap overflow via a crafted SessionHeader value

A heap overflow flaw was found In Apache httpd modsession. The highest threat from this vulnerability is to system availability...

9.8CVSS7.2AI score0.68067EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.79 views

Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.65067EPSS
Exploits0References9
OSV
OSV
added 2021/11/09 8:52 a.m.43 views

RLSA-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

7.5CVSS7.8AI score0.65067EPSS
Exploits0References8
OSV
OSV
added 2021/11/09 8:52 a.m.46 views

ALSA-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

7.5CVSS7.8AI score0.65067EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2021/11/09 8:52 a.m.51 views

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

7.5CVSS7.9AI score0.65067EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2021/11/04 12:0 a.m.63 views

httpd security update

2.4.6-97.0.3.1 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690...

7.5CVSS8.9AI score0.65067EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.60 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : httpd Multiple Vulnerabilities (NS-SA-2021-0159)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching onl...

8.1CVSS6.6AI score0.86006EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2021/10/25 12:0 a.m.57 views

EulerOS 2.0 SP3 : httpd (EulerOS-SA-2021-2586)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of...

9.8CVSS7.6AI score0.68067EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2021/10/13 12:0 a.m.82 views

httpd:2.4 security update

httpd 2.4.37-39.1.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-39.1 - Resolves: 2007234 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path - Resolves: 2007646 - CVE-2021-26691...

9.8CVSS1.7AI score0.99999EPSS
Exploits5
Rows per page
Query Builder