厂商或团体 apache 的搜索结果 (950)

CVE-2018-1286(发布:2018-02-28 13:29:00)NM
CVSS4.0

[原文]In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.

CVE-2017-7671(发布:2018-02-27 15:29:00)NMS
CVSS5.0

[原文]There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

CVE-2017-5660(发布:2018-02-27 15:29:00)NMS
CVSS5.0

[原文]There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.

CVE-2018-1305(发布:2018-02-23 18:29:00)NMPS
CVSS4.0

[原文]Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.

CVE-2013-0267(发布:2018-02-21 10:29:00)NMCOPS
CVSS6.5

[CNNVD]Apache VCL 多个输入验证漏洞--Apache VCL是美国阿帕奇软件基金会(Apache)的一个免费、开源的云计算平台,可以为最终用户提供专用的计算环境。 Apache VCL中存在多个输入验证漏洞。攻击者可利用这些漏洞提权,导致拒绝服务状态,或当用户浏览被影响的网站时,其浏览器将执行攻击者提供的任意代码,这将可能允许攻击者窃取基...

CVE-2015-0203(发布:2018-02-21 10:29:00)NMCPS
CVSS4.0

[CNNVD]Apache Qpid 拒绝服务漏洞--Apache Qpid是美国阿帕奇(Apache)软件基金会开发的一款面向对象的消息中间件,它是一个AMQP(高级消息队列协议)的实现,可以和符合AMQP协议的系统进行通信,并提供了C++、Python、Java、C#等编程语言的客户端库。 Apache Qpid中存在拒绝服务漏...

首页上一页56789101112下一页尾页 第7页 / 共159页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站