Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NetappStoragegrid-

8 matches found

CVE
CVEadded 2017/06/20 1:29 a.m.7437 views

CVE-2017-3167

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

9.8CVSS9.6AI score0.0846EPSS
CVE
CVEadded 2018/03/26 3:29 p.m.7191 views

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed acros...

9.8CVSS7.5AI score0.09164EPSS
CVE
CVEadded 2021/09/16 3:15 p.m.6420 views

CVE-2021-39275

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.

9.8CVSS9.3AI score0.44803EPSS
CVE
CVEadded 2021/09/16 3:15 p.m.4505 views

CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

9CVSS9.5AI score0.94443EPSS
In wildWeb
CVE
CVEadded 2025/03/12 9:15 p.m.1601 views

CVE-2025-25291

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely dif...

9.8CVSS7AI score0.13868EPSS
CVE
CVEadded 2025/03/12 9:15 p.m.1577 views

CVE-2025-25292

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely dif...

9.8CVSS7AI score0.03716EPSS
CVE
CVEadded 2022/08/05 7:15 a.m.1081 views

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHe...

9.8CVSS9.9AI score0.92678EPSS
CVE
CVEadded 2022/02/11 1:15 a.m.458 views

CVE-2022-23806

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

9.1CVSS9.1AI score0.0002EPSS