CVSS: 9.8EPSS: 94%CPEs: 444EXPL: 20CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 1CVE-2023-27537 – Gentoo Linux Security Advisory 202310-12
https://notcve.org/view.php?id=CVE-2023-27537
30 Mar 2023 — A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free. Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. Ver... • https://hackerone.com/reports/1897203 • CWE-415: Double Free •
CVSS: 7.7EPSS: 0%CPEs: 17EXPL: 1CVE-2023-27538 – curl: SSH connection too eager reuse still
https://notcve.org/view.php?id=CVE-2023-27538
21 Mar 2023 — An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection. Harry Sin... • https://hackerone.com/reports/1898475 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 10.0EPSS: 94%CPEs: 398EXPL: 424CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
10 Dec 2021 — Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.... • https://packetstorm.news/files/id/171626 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 9.0EPSS: 94%CPEs: 26EXPL: 11CVE-2021-40438 – Apache HTTP Server-Side Request Forgery (SSRF)
https://notcve.org/view.php?id=CVE-2021-40438
16 Sep 2021 — A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. Un uri-path diseñado puede causar que mod_proxy reenvíe la petición a un servidor de origen elegido por el usuario remoto. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated attacker to make the ht... • https://github.com/sixpacksecurity/CVE-2021-40438 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 5%CPEs: 20EXPL: 0CVE-2021-36160 – mod_proxy_uwsgi out of bound read
https://notcve.org/view.php?id=CVE-2021-36160
16 Sep 2021 — A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). Una uri-path de petición cuidadosamente diseñada puede causar que la función mod_proxy_uwsgi lea por encima de la memoria asignada y se bloquee (DoS). Este problema afecta a Apache HTTP Server versiones 2.4.30 a 2.4.48 (incluyéndola) An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated atta... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 11%CPEs: 25EXPL: 0CVE-2021-34798 – NULL pointer dereference in httpd core
https://notcve.org/view.php?id=CVE-2021-34798
16 Sep 2021 — Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. Unas peticiones malformadas pueden causar que el servidor haga desreferencia a un puntero NULL. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.8EPSS: 0%CPEs: 136EXPL: 2CVE-2021-29425 – Possible limited path traversal vulnerabily in Apache Commons IO
https://notcve.org/view.php?id=CVE-2021-29425
13 Apr 2021 — In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. En Apache Commons IO versiones anteriores a 2.7, Cuando se invoca el método FileNameUtils.normalize con una cadena de entrada inapropiada, como... • https://github.com/arsalanraja987/java-cve-2021-29425-tika-xxe • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1CVE-2021-27219 – glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
https://notcve.org/view.php?id=CVE-2021-27219
15 Feb 2021 — An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. Se detectó un problema en GNOME GLib versiones anteriores a 2.66.6 y versiones 2.67.x anteriores a 2.67.3. La función g_bytes_new presenta un desbordamiento de enteros en plataformas de 64 bits debido a una conversión implícita de 64 bits a 32 bits. • https://gitlab.gnome.org/GNOME/glib/-/issues/2319 • CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 9EXPL: 0CVE-2021-27218 – glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform
https://notcve.org/view.php?id=CVE-2021-27218
15 Feb 2021 — An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. Se detectó un problema en GNOME GLib versiones anteriores a 2.66.7 y versiones 2.67.x anteriores a 2.67.4. Si se llamó a la función g_byte_array_new_take() con un búfer de 4 GB o más sobre una plataforma de 64 bits, la longitud debería ser truncada módulo 2*... • https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942 • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types •