[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248430

 
 

909

 
 

195407

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 2249 Download | Alert*

The remote host is missing a patch 151913-23 containing a security fix. For more information please visit the reference link.

Oracle Solaris 11 - ( CVE-2023-22128 )

The remote host is missing a patch 148242-08 containing a security fix. For more information please visit the reference link.

The remote host is missing a patch 148241-08 containing a security fix. For more information please visit the reference link.

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of s ...

The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reve ...

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.


Pages:      Start    37    38    39    40    41    42    43    44    45    46    47    48    49    50    ..   224

© SecPod Technologies