厂商或团体 apache 的搜索结果 (773)

CVE-2017-9801(发布:2017-08-07 11:29:00)NMS
CVSS5.0

[原文]When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.

CVE-2016-8743(发布:2017-07-27 17:29:00)NMPS
CVSS5.0

[原文]Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.

CVE-2016-0736(发布:2017-07-27 17:29:00)NMPS
CVSS5.0

[原文]In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.

CVE-2016-2161(发布:2017-07-27 17:29:00)NMPS
CVSS5.0

[原文]In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.

CVE-2017-7659(发布:2017-07-26 17:29:00)NMPS
CVSS5.0

[原文]A maliciously constructed HTTP/2 request could cause mod_http2 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.

CVE-2015-3208(发布:2017-07-25 14:29:00)NMCS
CVSS7.5

[CNNVD]Apache ActiveMQ Artemis 信息泄露漏洞--Apache ActiveMQ Artemis是美国阿帕奇(Apache)软件基金会的一个为Java应用提供嵌入式消息服务的项目。 Apache ActiveMQ Artemis中存在信息泄露漏洞。攻击者可利用该漏洞获取敏感信息的访问权限。 ...

12345678下一页尾页 第1页 / 共129页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站