CVSS: 9.8EPSS: 96%CPEs: 10EXPL: 45CVE-2021-42013 – Apache HTTP Server Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2021-42013
07 Oct 2021 — It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache ... • https://packetstorm.news/files/id/181114 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-33193 – Request splitting via HTTP/2 method injection and mod_proxy
https://notcve.org/view.php?id=CVE-2021-33193
16 Aug 2021 — A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. Un método diseñado enviado mediante HTTP/2 omitirá la comprobación y será reenviado por mod_proxy, lo que puede conllevar a la división de peticiones o el envenenamiento de la caché. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48. A NULL pointer dereference was found in Apache httpd mod_... • https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 81%CPEs: 12EXPL: 0CVE-2021-26691 – Apache HTTP Server mod_session response handling heap overflow
https://notcve.org/view.php?id=CVE-2021-26691
10 Jun 2021 — In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 , un parámetro SessionHeader especialmente diseñado enviado por un servidor de origen podría causar un desbordamiento de pila A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 5%CPEs: 205EXPL: 1CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
25 Mar 2021 — An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS c... • https://github.com/riptl/cve-2021-3449 • CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 56EXPL: 0CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
25 Mar 2021 — The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectivel... • http://www.openwall.com/lists/oss-security/2021/03/27/1 • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 1CVE-2015-1351 – php: use after free in opcache extension
https://notcve.org/view.php?id=CVE-2015-1351
17 Feb 2015 — Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en la función _zend_shared_memdup en zend_shared_alloc.c en la extensión OPcache en PHP hasta 5.6.7 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a trav... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=777c39f4042327eac4b63c7ee87dc1c7a09a3115 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 95%CPEs: 1EXPL: 0CVE-2010-0072 – Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0072
12 Jan 2010 — Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP port 10000. Un... • http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html •
CVSS: 9.0EPSS: 82%CPEs: 1EXPL: 2CVE-2009-1978 – Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-1978
14 Jul 2009 — Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php. Vulnerabilidad no especific... • https://packetstorm.news/files/id/180767 •
CVSS: 10.0EPSS: 82%CPEs: 1EXPL: 2CVE-2009-1977 – Oracle Secure Backup Administration Server Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2009-1977
14 Jul 2009 — Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php. Vulnerabilidad no especificada en el com... • https://packetstorm.news/files/id/180767 •