The host is installed with Apache HTTP Server through 2.4.58 and is prone to a HTTP Response splitting vulnerability. A flaw is present in the application, which fails to properly handle input validation. Successful exploitation allows malicious or exploitable backend/content generators to split HTTP responses.
The host is installed with Apache HTTP Server before 2.4.58 and is prone to an out of memory vulnerability. A flaw is present in the application, which fails to properly handle a RST frame. Successful exploitation allows attackers to cause out of memory.
This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber * CVE-2019-11757: Use-after-free when creating ...
The host is installed with Apache HTTP Server 2.4.x before 2.4.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly close back-end connections. Successful exploitation could allow attackers to obtain information intended for a different client.
The host is installed with Apache HTTP Server 2.4.x before 2.4.3 and is prone to a multiple cross site scripting vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted filename during construction of a variant list. Successful exploitation could allow attackers to inject arbitrary web script or HTML.
The host is installed with Apache HTTP Server 2.4.0 through 2.4.46 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted Cookie header. Successful exploitation could allow attackers to cause a NULL pointer dereference and crash, leading to a possible denial Of service.
The host is installed with Apache HTTP Server 2.4.0 through 2.4.46 and is prone to a heap overflow vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted SessionHeader. Successful exploitation could allow attackers to cause a heap overflow.
The host is installed with Apache HTTP Server 2.4.0 through 2.4.46 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle insufficient privileges. Successful exploitation could allow unprivileged attackers to stop httpd.