Search CVE reports
321 – 330 of 346 results
Some fixes available 10 of 11
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request...
2 affected packages
apache, apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache | — | — | — | — | — |
| apache2 | — | — | — | — | — |
Some fixes available 21 of 24
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte...
14 affected packages
amarok, dovecot, exim4, libapache2-mod-auth-pgsql, php5...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amarok | — | — | — | — | — |
| dovecot | — | — | — | — | — |
| exim4 | — | — | — | — | — |
| libapache2-mod-auth-pgsql | — | — | — | — | — |
| php5 | — | — | — | — | — |
| postfix | — | — | — | — | — |
| postgresql | — | — | — | — | — |
| postgresql-7.4 | — | — | — | — | — |
| postgresql-8.1 | — | — | — | — | — |
| postgresql-8.2 | — | — | — | — | — |
| psycopg | — | — | — | — | — |
| psycopg2 | — | — | — | — | — |
| pygresql | — | — | — | — | — |
| python-pgsql | — | — | — | — | — |
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
1 affected package
libapache2-mod-python
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libapache2-mod-python | — | — | — | — | — |
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as...
1 affected package
libapache2-mod-auth-pgsql
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libapache2-mod-auth-pgsql | — | — | — | — | — |
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL...
1 affected package
apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache2 | — | — | — | — | — |
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using...
2 affected packages
apache, apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache | — | — | — | — | — |
| apache2 | — | — | — | — | — |
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool...
1 affected package
apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache2 | — | — | — | — | — |
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote...
2 affected packages
libapache-mod-ssl, apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libapache-mod-ssl | — | — | — | — | — |
| apache2 | — | — | — | — | — |
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
1 affected package
apache2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache2 | — | — | — | — | — |
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in...
6 affected packages
apache2, gnumeric, pcre3, python2.2, python2.3, python2.4
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| apache2 | — | — | — | — | — |
| gnumeric | — | — | — | — | — |
| pcre3 | — | — | — | — | — |
| python2.2 | — | — | — | — | — |
| python2.3 | — | — | — | — | — |
| python2.4 | — | — | — | — | — |