Lucene search
+L

107 matches found

broadcom
broadcom
added 2023/08/01 12:0 a.m.74 views

CVE-2022-28615: Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS8.8AI score0.05729EPSS
Exploits0
susecve
susecve
added 2023/02/15 6:4 a.m.6 views

SUSE CVE-2009-1603

src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted...

7.5CVSS6.8AI score0.01091EPSS
Exploits0References3
susecve
susecve
added 2023/02/15 4:52 a.m.4 views

SUSE CVE-2017-3169

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port...

3.7CVSS9.5AI score0.19953EPSS
Exploits0References9
susecve
susecve
added 2023/02/15 4:52 a.m.5 views

SUSE CVE-2017-3167

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

7.4CVSS7.2AI score0.20231EPSS
Exploits0References9
osv
osv
added 2022/06/09 5:15 p.m.4 views

ALPINE-CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS6.8AI score0.05729EPSS
Exploits0References1
nvd
nvd
added 2022/06/09 5:15 p.m.26 views

CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS0.05729EPSS
Exploits0References6
prion
prion
added 2022/06/09 5:15 p.m.35 views

Out-of-bounds

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

6.4CVSS9.1AI score0.05729EPSS
Exploits0References6Affected Software2
osv
osv
added 2022/06/09 5:15 p.m.5 views

UBUNTU-CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS7.2AI score0.05729EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2022/06/09 12:0 a.m.64 views

CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS7.2AI score0.05729EPSS
Exploits0References6
debiancve
debiancve
added 2022/06/08 10:0 a.m.62 views

CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS8.2AI score0.05729EPSS
Exploits0
cvelist
cvelist
added 2022/06/08 10:0 a.m.111 views

CVE-2022-28615 Read beyond bounds in ap_strcmp_match()

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.6AI score0.05729EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2022/06/08 10:0 a.m.5 views

CVE-2022-28615 Read beyond bounds in ap_strcmp_match()

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

6.4AI score0.05729EPSS
Exploits0References6
osv
osv
added 2022/06/08 10:0 a.m.39 views

CVE-2022-28615 Read beyond bounds in ap_strcmp_match()

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS6.6AI score0.05729EPSS
Exploits0References8
alpinelinux
alpinelinux
added 2022/06/08 10:0 a.m.81 views

CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS9.2AI score0.05729EPSS
Exploits0
nvd
nvd
added 2021/09/16 3:15 p.m.35 views

CVE-2021-39275

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS0.36339EPSS
Exploits0References15
ubuntucve
ubuntucve
added 2021/09/16 3:15 p.m.336 views

CVE-2021-39275

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS7.1AI score0.36339EPSS
Exploits0References5
osv
osv
added 2021/09/16 3:15 p.m.3 views

UBUNTU-CVE-2021-39275

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS7.1AI score0.36339EPSS
Exploits0References6
cvelist
cvelist
added 2021/09/16 2:40 p.m.279 views

CVE-2021-39275 ap_escape_quotes buffer overflow

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.9AI score0.36339EPSS
Exploits0References15
alpinelinux
alpinelinux
added 2021/09/16 2:40 p.m.60 views

CVE-2021-39275

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS9.4AI score0.36339EPSS
Exploits0
httpd
httpd
added 2021/09/16 12:0 a.m.593 views

Apache Httpd < 2.4.49 : ap_escape_quotes buffer overflow

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS2AI score0.36339EPSS
Exploits0
Rows per page
Query Builder