Lucene search

K

1096 matches found

CVE
CVE
added 2022/06/09 5:15 p.m.18160 views

CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.

9.8CVSS9.4AI score0.00052EPSS
CVE
CVE
added 2021/09/26 7:15 p.m.16449 views

CVE-2021-41617

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gr...

7CVSS7.5AI score0.01864EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.9902 views

CVE-2022-23943

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

9.8CVSS9.2AI score0.64142EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.7625 views

CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.8CVSS9.4AI score0.29926EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.7254 views

CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow

9.8CVSS9.2AI score0.47495EPSS
CVE
CVE
added 2021/12/20 12:15 p.m.6743 views

CVE-2021-44790

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earl...

9.8CVSS9.9AI score0.86206EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.6374 views

CVE-2021-39275

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.

9.8CVSS9.3AI score0.44803EPSS
CVE
CVE
added 2021/12/10 10:15 a.m.5828 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.4453 views

CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

9CVSS9.5AI score0.94443EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.3446 views

CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strc...

9.1CVSS9AI score0.00558EPSS
CVE
CVE
added 2022/03/25 9:15 a.m.3078 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00085EPSS
CVE
CVE
added 2022/04/13 4:15 p.m.2819 views

CVE-2015-20107

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided...

8CVSS7.8AI score0.00886EPSS
CVE
CVE
added 2021/10/05 9:15 a.m.2563 views

CVE-2021-41773

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configur...

7.5CVSS9.2AI score0.94427EPSS
CVE
CVE
added 2021/12/20 12:15 p.m.2494 views

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forger...

8.2CVSS8.7AI score0.08392EPSS
CVE
CVE
added 2022/03/23 8:15 p.m.2487 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from...

7.4CVSS7.5AI score0.00375EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.2430 views

CVE-2020-35452

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...

7.3CVSS8.5AI score0.03741EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2344 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.1CVSS9.4AI score0.26907EPSS
CVE
CVE
added 2022/10/21 6:15 a.m.2127 views

CVE-2022-37454

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

9.8CVSS10AI score0.01445EPSS
CVE
CVE
added 2022/03/10 5:44 p.m.2066 views

CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page c...

7.8CVSS7.7AI score0.83495EPSS
CVE
CVE
added 2021/10/07 4:15 p.m.2062 views

CVE-2021-42013

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default co...

9.8CVSS9.4AI score0.94427EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.2050 views

CVE-2022-30556

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.

7.5CVSS8.8AI score0.0019EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2010 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.27284EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1938 views

CVE-2021-26690

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

7.5CVSS8.6AI score0.68374EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.1879 views

CVE-2021-34798

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

7.5CVSS8.8AI score0.10967EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.1714 views

CVE-2022-26377

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versio...

7.5CVSS8.9AI score0.3424EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1671 views

CVE-2019-17567

Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...

5.3CVSS7AI score0.05655EPSS
CVE
CVE
added 2021/08/16 8:15 a.m.1629 views

CVE-2021-33193

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

7.5CVSS7.8AI score0.01229EPSS
CVE
CVE
added 2021/12/14 7:15 p.m.1603 views

CVE-2021-45046

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context L...

9CVSS9.7AI score0.94358EPSS
CVE
CVE
added 2022/07/28 2:15 a.m.1597 views

CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02784EPSS
CVE
CVE
added 2022/04/04 5:15 p.m.1587 views

CVE-2022-24785

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This pr...

7.5CVSS8AI score0.00724EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.1578 views

CVE-2022-29404

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.

7.5CVSS8.5AI score0.01469EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.1574 views

CVE-2022-28614

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server ...

5.3CVSS7.5AI score0.00238EPSS
CVE
CVE
added 2021/10/25 6:15 a.m.1504 views

CVE-2021-21703

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the m...

7.8CVSS7.2AI score0.00094EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.1467 views

CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could...

9CVSS7.5AI score0.00161EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.1413 views

CVE-2021-36160

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

7.5CVSS8.5AI score0.06954EPSS
CVE
CVE
added 2022/10/11 9:15 p.m.1315 views

CVE-2022-3140

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal mac...

6.3CVSS7.3AI score0.01089EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.1241 views

CVE-2022-41741

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in...

7.8CVSS7.1AI score0.0085EPSS
CVE
CVE
added 2022/11/07 12:15 a.m.1194 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network n...

7.8CVSS7.9AI score0.00024EPSS
CVE
CVE
added 2021/10/08 9:15 p.m.1167 views

CVE-2021-30632

Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.2AI score0.84245EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1159 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

5.3CVSS7.5AI score0.18342EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1153 views

CVE-2020-13950

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

7.5CVSS8.4AI score0.20337EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1141 views

CVE-2021-37973

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.5AI score0.19205EPSS
CVE
CVE
added 2022/02/08 9:15 p.m.1138 views

CVE-2022-21703

Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Edito...

8.8CVSS7.3AI score0.01791EPSS
CVE
CVE
added 2022/05/03 4:15 p.m.1134 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.77236EPSS
CVE
CVE
added 2022/08/24 8:15 p.m.1134 views

CVE-2022-32893

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have b...

8.8CVSS8.8AI score0.00145EPSS
CVE
CVE
added 2021/12/14 12:15 p.m.1131 views

CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remot...

7.5CVSS9.4AI score0.94358EPSS
CVE
CVE
added 2022/06/21 3:15 p.m.1126 views

CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there ...

10CVSS9.2AI score0.77236EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1107 views

CVE-2021-37975

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.2AI score0.56103EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1095 views

CVE-2021-37976

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.5AI score0.11445EPSS
CVE
CVE
added 2022/02/08 9:15 p.m.1089 views

CVE-2022-21713

Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. /teams/:teamId will allow an authenticated attacker to view unintended data by querying for the specific team ID, /teams/:...

4.3CVSS6.2AI score0.00119EPSS
Total number of security vulnerabilities1096