19024 matches found
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.3 release and security update
Red Hat JBoss Web Server 6.2.3 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
IBM HTTP Server 代码问题漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain code vulnerabilities that could lead to denial-of-service attacks due to the optional module modibmUpload...
PT-2026-43366
Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An invalid pointer dereference occurs in the Administration Server. A privileged, authenticated user can exploit this issue to cause a denial of service or expose sensitive...
algernon 竞争条件问题漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.6 contained a race condition vulnerability. This vulnerability stemmed from the sync.RWMutex used in engine/luahandler.go to protect LoadCommonFunctions, which was released before L.Push and L.PCall...
PT-2026-43297
Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, in engine/luahandler.go, the sync.RWMutex protecting LoadCommonFunctions is released before L.Push and L.PCall execute. Since gopher-lua's LState is explicitly not goroutine-safe, concurrent requests race on the shared state...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained a security vulnerability. This vulnerability stemmed from the process of traversing parent directories upwards during directory requests to find the handler.lua file. This could allow...
IBM HTTP Server 资源管理错误漏洞
IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain resource management vulnerabilities that can lead to denial-of-service attacks when attackers have permission to write to certain server...
algernon 路径遍历漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.6 contained a path traversal vulnerability. This vulnerability stemmed from the uploadedFileSaveIn function in lua/upload/upload.go, which used filepath.Join to concatenate the directory provided by the...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.8 contained security vulnerabilities. These vulnerabilities stemmed from path traversal via the Host header when using the --domain option, potentially allowing arbitrary file reading, directory listing...
PT-2026-43365
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained a security vulnerability. This vulnerability stemmed from the hardcoded wildcard in the Access-Control-Allow-Origin header of the SSE event server, which could allow any third-party page to...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained security vulnerabilities. These vulnerabilities stemmed from the forced activation of debugging mode in single-file mode, allowing the leakage of the file’s absolute path and complete byte...
algernon 安全漏洞
Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.7 contained security vulnerabilities. These vulnerabilities stemmed from the SSE event server being bound to 0.0.0.0:5553 by default, which could allow unauthorized network access...
IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞
IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environmental issues, which stem from vulnerabilities that can be exploited by HTTP request payload attacks...
PT-2026-43363
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...
PT-2026-43324
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod ibm upload...
IBM WebSphere Application Server 8.5.x / 9.x RCE (7274072)
The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274072 advisory. - IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and...
PT-2026-43298
Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...
CVE-2026-9369
A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...
CVE-2026-9369 NousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins comparison
A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...