[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 7635 Download | Alert*

The host is installed with Apache HTTP Server 2.4.18 through 2.4.20 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a SSL client certificate validation. Successful exploitation could allow remote attackers to access resources protected by certificate authentication without providing a valid client certificate.

The host is installed with Apache HTTP Server 2.2.x before 2.2.32 or 2.4.x before 2.4.24 and is prone to a CRLF Injection vulnerability. A flaw is present in the application, which fails to handle the Location or other outbound header key or value. Successful exploitation could allow remote attackers to cause HTTP response splitting attacks for sites which use mod_userdir.

The host is installed with Apache HTTP Server 2.4.17 through 2.4.34 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle maximum-size SETTINGS frames for an ongoing HTTP/2 connection. Successful exploitation could allow remote attackers to denial of service (DoS) condition on a targeted system.

The host is installed with Apache HTTP Server 2.4.x through 2.4.38 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to properly handle the servers processing when the path component of a request URL contains multiple consecutive slashes ('/'). Successful exploitation could allow remote attackers to leverage this issue to perform unauthorized action ...

The host is installed with Apache HTTP Server 2.4.18 through 2.4.38 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the http/2 request. Successful exploitation could allow attackers to bypass certain security restrictions and to perform unauthorized actions.

The host is installed with Apache HTTP Server 2.4.34 through 2.4.38 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an upgrade request from http/1.1 to http/2. Successful exploitation could allow attackers to cause misconfiguration and crash.

The host is installed with Apache HTTP Server 2.4.37 through 2.4.38 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a per-location client certificate verification with TLSv1.3. Successful exploitation could allow attackers to bypass configured access control restrictions in a client supporting Post-Handshake Authentication.

The host is installed with Apache HTTP Server 2.4.x through 2.4.38 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a race condition in mod_auth_digest when running in a threaded server. Successful exploitation could allow attackers with valid credentials to authenticate using another username and bypass configured access control ...

The host is installed with Apache HTTP Server 2.4.17 through 2.4.38 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the less-privileged child processes or threads. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard.

The host is installed with Apache HTTP Server 2.4.25 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a maliciously constructed HTTP/2 request. Successful exploitation could allow attackers to dereference a NULL pointer and crash the server process.


Pages:      Start    393    394    395    396    397    398    399    400    401    402    403    404    405    406    ..   763

© SecPod Technologies