CVSS: 6.1EPSS: 2%CPEs: 218EXPL: 9CVE-2019-11358 – jQuery 3.3.1 - Prototype Pollution & XSS Exploit
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://packetstorm.news/files/id/190328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 7%CPEs: 32EXPL: 0CVE-2019-0228
https://notcve.org/view.php?id=CVE-2019-0228
17 Apr 2019 — Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. Apache PDFBox versión 2.0.14 no inicializa correctamente el analizador XML, lo que permite a los atacantes dependientes del contexto realizar ataques de Entidades Externas XML (XXE) por medio de un XFDF creado. • https://lists.apache.org/thread.html/1a3756557f8cb02790b7183ccf7665ae23f608a421c4f723113bca79%40%3Cusers.pdfbox.apache.org%3E • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.5EPSS: 89%CPEs: 77EXPL: 4CVE-2019-0227 – Apache Axis 1.4 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-0227
10 Apr 2019 — A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. Una vulnerabilidad de tipo SSRF (Server Side Request Forgery) afectó a la distribución de Apache Axis 1.4 que fue lanzada por última vez en 2006. ... • https://packetstorm.news/files/id/152462 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 42%CPEs: 24EXPL: 1CVE-2019-0217 – httpd: mod_auth_digest: access control bypass due to race condition
https://notcve.org/view.php?id=CVE-2019-0217
03 Apr 2019 — In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. En Apache HTTP Server 2.4 versión 2.4.38 y anteriores, una condición de carrera en mod_auth_digest cuando se ejecuta en un servidor multihilo podría permitir a un usuario con credenciales válidas autenticarse usando otro nombre de usuario, evitando las restr... • https://github.com/savsch/PoC_CVE-2019-0217 • CWE-284: Improper Access Control CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 87%CPEs: 68EXPL: 6CVE-2019-0211 – Apache HTTP Server Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-0211
03 Apr 2019 — In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. En Apache HTTP Server 2.4, versiones 2.4.17 a 2.4.38, con el evento MPM, worker o prefork, el código ejecutándose en procesos hijo (o hilos) m... • https://packetstorm.news/files/id/152441 • CWE-250: Execution with Unnecessary Privileges CWE-416: Use After Free •
CVSS: 5.3EPSS: 4%CPEs: 35EXPL: 0CVE-2018-17189 – httpd: mod_http2: DoS via slow, unneeded request bodies
https://notcve.org/view.php?id=CVE-2018-17189
23 Jan 2019 — In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. En Apache HTTP Server, en sus versiones 2.4.37 y anteriores, mediante el envío de cuerpos de respuesta mediante la técnica del "slow loris" a recursos planos, la transmisión h2 para esa petición ocupó de forma innecesaria un hilo de servidor que... • http://www.securityfocus.com/bid/106685 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 17%CPEs: 10EXPL: 0CVE-2019-0190 – Gentoo Linux Security Advisory 201903-21
https://notcve.org/view.php?id=CVE-2019-0190
23 Jan 2019 — A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts. Existe un problema en la manera en la que mod_ssl gestionaba registros de cliente. Un atacante remoto podría enviar una petición espec... • http://www.securityfocus.com/bid/106743 •
CVSS: 7.5EPSS: 9%CPEs: 114EXPL: 0CVE-2018-15756 – DoS Attack via Range Requests
https://notcve.org/view.php?id=CVE-2018-15756
18 Oct 2018 — Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This ... • http://www.securityfocus.com/bid/105703 • CWE-20: Improper Input Validation •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2018-3126
https://notcve.org/view.php?id=CVE-2018-3126
17 Oct 2018 — Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Avai... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 5.5EPSS: 1%CPEs: 9EXPL: 0CVE-2018-11797 – pdfbox: unbounded computation in parser resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-11797
05 Oct 2018 — In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree. En Apache PDFBox 1.8.0 a 1.8.15 y 2.0.0RC1 a 2.0.11, un archivo PDF cuidadosamente manipulado puede desencadenar un cálculo que se ejecuta demasiado tiempo al analizar el árbol de páginas. This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release N... • https://lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb%40%3Cannounce.apache.org%3E • CWE-674: Uncontrolled Recursion •