Filtered by vendor Redhat
Subscriptions
Filtered by product Jboss Core Services
Subscriptions
Total
306 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-5436 | 8 Debian, F5, Fedoraproject and 5 more | 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more | 2024-08-04 | 7.8 High |
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | ||||
CVE-2019-3823 | 6 Canonical, Debian, Haxx and 3 more | 9 Ubuntu Linux, Debian Linux, Libcurl and 6 more | 2024-08-04 | N/A |
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller. | ||||
CVE-2019-3822 | 7 Canonical, Debian, Haxx and 4 more | 17 Ubuntu Linux, Debian Linux, Libcurl and 14 more | 2024-08-04 | 9.8 Critical |
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header. | ||||
CVE-2019-0220 | 6 Apache, Canonical, Debian and 3 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2024-08-04 | N/A |
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. | ||||
CVE-2019-0211 | 8 Apache, Canonical, Debian and 5 more | 28 Http Server, Ubuntu Linux, Debian Linux and 25 more | 2024-08-04 | 7.8 High |
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. | ||||
CVE-2019-0217 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-08-04 | 7.5 High |
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | ||||
CVE-2019-0196 | 4 Apache, Canonical, Debian and 1 more | 5 Http Server, Ubuntu Linux, Debian Linux and 2 more | 2024-08-04 | N/A |
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly. | ||||
CVE-2019-0197 | 6 Apache, Canonical, Fedoraproject and 3 more | 12 Http Server, Ubuntu Linux, Fedora and 9 more | 2024-08-04 | 4.2 Medium |
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set "H2Upgrade on" are unaffected by this issue. | ||||
CVE-2020-35452 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2024-08-04 | 7.3 High |
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow | ||||
CVE-2020-25680 | 1 Redhat | 2 Jboss Core Services, Jboss Core Services Httpd | 2024-08-04 | 5.4 Medium |
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity. | ||||
CVE-2020-25710 | 4 Debian, Fedoraproject, Openldap and 1 more | 7 Debian Linux, Fedora, Openldap and 4 more | 2024-08-04 | 7.5 High |
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. | ||||
CVE-2020-25709 | 4 Apple, Debian, Openldap and 1 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-08-04 | 7.5 High |
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. | ||||
CVE-2020-14155 | 7 Apple, Gitlab, Netapp and 4 more | 22 Macos, Gitlab, Active Iq Unified Manager and 19 more | 2024-08-04 | 5.3 Medium |
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | ||||
CVE-2020-13950 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2024-08-04 | 7.5 High |
Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service | ||||
CVE-2020-11984 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-08-04 | 9.8 Critical |
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | ||||
CVE-2020-11993 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-08-04 | 7.5 High |
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. | ||||
CVE-2020-11080 | 7 Debian, Fedoraproject, Nghttp2 and 4 more | 16 Debian Linux, Fedora, Nghttp2 and 13 more | 2024-08-04 | 3.7 Low |
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection. | ||||
CVE-2020-8286 | 9 Apple, Debian, Fedoraproject and 6 more | 22 Mac Os X, Macos, Debian Linux and 19 more | 2024-08-04 | 7.5 High |
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. | ||||
CVE-2020-8284 | 10 Apple, Debian, Fedoraproject and 7 more | 31 Mac Os X, Macos, Debian Linux and 28 more | 2024-08-04 | 3.7 Low |
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. | ||||
CVE-2020-8285 | 10 Apple, Debian, Fedoraproject and 7 more | 32 Mac Os X, Macos, Debian Linux and 29 more | 2024-08-04 | 7.5 High |
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. |