Search
Search Results (103 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-0220 | 6 Apache, Canonical, Debian and 3 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2024-11-21 | N/A |
| A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. | ||||
| CVE-2018-6112 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||||
| CVE-2018-12020 | 4 Canonical, Debian, Gnupg and 1 more | 10 Ubuntu Linux, Debian Linux, Gnupg and 7 more | 2024-11-21 | 7.5 High |
| mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. | ||||