WordPress Plugin Brizy - Page Builder Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-17158 · WordPress · Brizy – Page Builder

Name of the Vulnerable Software and Affected Versions: The Brizy – Page Builder plugin for WordPress versions up to, and including, 2.4.39 Description: The issue allows authenticated attackers with contributor-level access and above to upload files to arbitrary locations on the server via the id...

SUSE CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

Code injection

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

Apache HTTP Server 2.4.39 - 2.4.46 Unexpected URL Matching Vulnerability - Windows

Apache HTTP Server is prone to an unexpected URL matching vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

Apache Httpd < 2.4.48 : Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

Apache HTTP Server Memory Access Vulnerability - Linux

Apache HTTP Server is prone to a memory access vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver";...

Apache HTTP Server Stack Overflow Vulnerability - Linux

Apache HTTP Server is prone to a stack overflow vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"...

Apache HTTP Server < 2.4.39 mod_auth_digest Access Control Bypass Vulnerability - Linux

In Apache HTTP Server, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be...

Apache HTTP Server < 2.4.39 Privilege Escalation Vulnerability - Linux

In Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulating the...

Apache HTTP Server < 2.4.39 mod_ssl Access Control Bypass Vulnerability - Linux

In Apache HTTP Server a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpte...

Apache HTTP Server < 2.4.39 mod_ssl Access Control Bypass Vulnerability - Windows

In Apache HTTP Server a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpte...

Apache Httpd < 2.4.39 : mod_http2, possible crash on late upgrade

When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for...

Fedora 19 : openldap-2.4.39-2.fc19 (2014-2967)

CVE-2013-4449: segfault on certain queries with rwm overlay 1060851 Update to 2.4.39 1067818 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...