Shodan

47.94.239.199

Regular View Raw Data Timeline
Last Seen: 2025-03-17

GeneralInformation

Country China
City Beijing
Organization Aliyun Computing Co., LTD
ISP Hangzhou Alibaba Advertising Co.,Ltd.
ASN AS37963

WebTechnologies

Ecommerce
Abicart
Editors
FrontPage4.0
JavaScript frameworks
AngularJS
Prototype1.7.2
ExtJS
RequireJS
JavaScript graphics
Kibana
JavaScript libraries
jQuery1.12.41.11.21.8.23.5.11.4.4
jQuery Migrate1.4.13.3.1
Underscore.js
jQuery UI1.9.1
DataTables
Network storage
Synology DiskStation
Operating systems
CentOS
Programming languages
Node.js
Java
PHP5.4.16
Search engines
Elasticsearch
Kibana
UI frameworks
Bootstrap3
Web server extensions
OpenSSL1.0.2k
Web servers
Apache HTTP Server2.4.6
Wikis
Atlassian Confluence

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(71)
CVE-2024-40898
7.5SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. 
CVE-2024-38477
7.5null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
CVE-2024-38476
9.8Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
CVE-2024-38474
9.8Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
CVE-2024-25117
6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.
CVE-2024-21247
3.8Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).
CVE-2024-21241
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21239
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21238
5.3Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.1 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21237
2.2Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).
CVE-2024-21236
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21231
3.1Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).
CVE-2024-21230
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21219
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21218
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21213
4.2Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).
CVE-2024-21212
4.4Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21207
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior, 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21203
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21201
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21200
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21199
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21198
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21197
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21196
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21194
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21193
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21173
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21171
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21166
5.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).
CVE-2024-21165
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.37 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21163
5.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2024-21162
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21160
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21159
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21157
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21142
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21137
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21135
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21134
4.3Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
CVE-2024-21130
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21129
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21127
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21125
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21102
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21101
2.2Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).
CVE-2024-21096
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
CVE-2024-21090
7.5Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21087
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21069
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21062
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21061
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21056
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21055
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21051
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21050
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21049
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21047
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20996
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20985
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20983
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20981
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20977
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20973
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20971
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20969
5.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2024-20967
5.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2024-20965
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20963
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-20961
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-0727
5.5Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
2023(43)
CVE-2023-45725
5.7Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: *   list *   show *   rewrite *   update An attacker can leak the session component using an HTML-like output, insert the session as an external resource (such as an image), or store the credential in a _local document with an "update" function. For the attack to succeed the attacker has to be able to insert the design documents into the database, then manipulate a user to access a function from that design document. Workaround: Avoid using design documents from untrusted sources which may attempt to access or manipulate request object's headers
CVE-2023-44487
7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-31122
7.5Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
CVE-2023-30800
7.5The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
CVE-2023-30799
9.1MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.
CVE-2023-26268
4.4Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: * validate_doc_update * list * filter * filter views (using view functions as filters) * rewrite * update This doesn't affect map/reduce or search (Dreyfus) index functions. Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3). Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
CVE-2023-26049
2.4Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.
CVE-2023-26048
5.3Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
CVE-2023-25690
9.8Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.
CVE-2023-22115
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22114
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22113
2.7Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
CVE-2023-22112
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22111
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22110
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22104
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22103
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22097
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22092
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22084
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22079
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22078
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22070
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22068
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22066
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22065
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22064
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22059
6.5Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22032
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-22007
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-21982
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-21980
7.1Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
CVE-2023-21977
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-21976
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-21972
4.9Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2023-5678
5.3Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
CVE-2023-3817
5.3Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
CVE-2023-2650
6.5Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.
CVE-2023-0466
5.3The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
CVE-2023-0465
5.3Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
CVE-2023-0464
7.5A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
CVE-2023-0286
7.4There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
CVE-2023-0215
7.5The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.
2022(26)
CVE-2022-45315
9.8Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.
CVE-2022-45313
8.8Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.
CVE-2022-37436
5.3Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
CVE-2022-36760
9.0Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.
CVE-2022-36522
6.5Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2022-31813
9.8Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
CVE-2022-31629
6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628
2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2022-30556
7.5Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
CVE-2022-29404
7.5In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
CVE-2022-28615
9.1Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
CVE-2022-28614
5.3The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
CVE-2022-28330
5.3Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
CVE-2022-26377
7.5Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.
CVE-2022-24706
9.8In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations.
CVE-2022-23943
9.8Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.
CVE-2022-22721
9.1If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-22720
9.8Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
CVE-2022-22719
7.5A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVE-2022-4900
6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
CVE-2022-4304
5.9A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
CVE-2022-2068
9.8In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
CVE-2022-2048
7.5In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
CVE-2022-2047
2.7In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.
CVE-2022-1292
9.8The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
CVE-2022-0778
7.5The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
2021(22)
CVE-2021-44790
9.8A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
CVE-2021-40438
9.0A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-39275
9.8ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-38295
7.3In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2
CVE-2021-36614
6.5Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2021-36613
6.5Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2021-34798
7.5Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-34428
2.9For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.
CVE-2021-32792
3.1mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when using `OIDCPreservePost On`.
CVE-2021-32791
5.9mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.
CVE-2021-32786
4.7mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression.
CVE-2021-32785
5.3mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (`OIDCCacheEncrypt off`, `OIDCSessionType server-cache`, `OIDCCacheType redis`), `mod_auth_openidc` wrongly performed argument interpolation before passing Redis requests to `hiredis`, which would perform it again and lead to an uncontrolled format string bug. Initial assessment shows that this bug does not appear to allow gaining arbitrary code execution, but can reliably provoke a denial of service by repeatedly crashing the Apache workers. This bug has been corrected in version 2.4.9 by performing argument interpolation only once, using the `hiredis` API. As a workaround, this vulnerability can be mitigated by setting `OIDCCacheEncrypt` to `on`, as cache keys are cryptographically hashed before use when this option is enabled.
CVE-2021-32761
7.5Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a very large value and constructing specially crafted commands bit commands. This problem only affects Redis on 32-bit platforms, or compiled as a 32-bit binary. Redis versions 5.0.`3m 6.0.15, and 6.2.5 contain patches for this issue. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `proto-max-bulk-len` configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
CVE-2021-28169
5.3For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.
CVE-2021-26691
9.8In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
CVE-2021-26690
7.5Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
CVE-2021-23841
5.9The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
CVE-2021-23840
7.5Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
CVE-2021-4160
5.9There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).
CVE-2021-3712
7.4ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
CVE-2021-3470
5.3A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use jemalloc or glibc malloc.
CVE-2021-3014
6.1In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.
2020(31)
CVE-2020-35452
7.3Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
CVE-2020-27216
7.0In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.
CVE-2020-20267
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
CVE-2020-20266
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20265
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.
CVE-2020-20264
6.5Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
CVE-2020-20262
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVE-2020-20254
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20253
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
CVE-2020-20252
6.5Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20250
6.5Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference.
CVE-2020-20249
6.5Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service.
CVE-2020-20247
6.5Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.
CVE-2020-20230
6.5Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
CVE-2020-20225
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
CVE-2020-20221
6.5Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
CVE-2020-20220
6.5Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2020-20217
6.5Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
CVE-2020-20021
7.5An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.
CVE-2020-14147
7.7An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.
CVE-2020-13938
5.5Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
CVE-2020-11985
5.3IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.
CVE-2020-11579
7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
CVE-2020-11023
6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022
6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-10364
7.5The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
CVE-2020-7656
6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-1971
5.9The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).
CVE-2020-1968
3.7The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted communications sent over that TLS connection. The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections. Note that this issue only impacts DH ciphersuites and not ECDH ciphersuites. This issue affects OpenSSL 1.0.2 which is out of support and no longer receiving public updates. OpenSSL 1.1.1 is not vulnerable to this issue. Fixed in OpenSSL 1.0.2w (Affected 1.0.2-1.0.2v).
CVE-2020-1934
5.3In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
CVE-2020-1927
6.1In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
2019(33)
CVE-2019-17567
5.3Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.
CVE-2019-16160
7.5An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.
CVE-2019-15055
6.5MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the management interface as an administrator without authentication.
CVE-2019-13955
6.5Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.
CVE-2019-13954
6.5Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.
CVE-2019-13074
7.5A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
CVE-2019-11358
6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2019-11072
9.8lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
CVE-2019-10098
6.1In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
CVE-2019-10092
6.1In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
CVE-2019-9641
9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
CVE-2019-9639
7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
CVE-2019-9638
7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
CVE-2019-9637
7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
CVE-2019-9024
7.5An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
CVE-2019-9023
9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
CVE-2019-9021
9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
CVE-2019-9020
9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
CVE-2019-6977
8.8gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVE-2019-3981
3.7MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
CVE-2019-3979
7.5RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's DNS cache via malicious responses with additional and untrue records.
CVE-2019-3978
7.5RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning
CVE-2019-3977
7.5RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possibly reseting all the system's usernames and passwords.
CVE-2019-3976
8.8RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled.
CVE-2019-3943
8.1MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk).
CVE-2019-3924
7.5MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.
CVE-2019-1563
3.7In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
CVE-2019-1559
5.9If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
CVE-2019-1552
3.3OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
CVE-2019-1551
5.3There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).
CVE-2019-1547
4.7Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
CVE-2019-0220
5.3A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.
CVE-2019-0217
7.5In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.
2018(42)
CVE-2018-20783
7.5In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
CVE-2018-19520
8.8An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management.
CVE-2018-19396
7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
CVE-2018-19395
7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
CVE-2018-19052
7.5An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
CVE-2018-17199
7.5In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.
CVE-2018-17188
7.2Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full system entry for unauthenticated users. Rather than waiting for new vulnerabilities to be discovered, and fixing them as they come up, the CouchDB development team decided to make changes to avoid this entire class of vulnerabilities.
CVE-2018-17082
6.1The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
CVE-2018-15132
7.5An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
CVE-2018-14883
7.5An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
CVE-2018-14851
5.5exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
CVE-2018-14847
9.1MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVE-2018-12453
7.5Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.
CVE-2018-12326
8.4Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.
CVE-2018-11769
7.2CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user under which CouchDB runs, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows a CouchDB admin user to gain arbitrary remote code execution, bypassing CVE-2017-12636 and CVE-2018-8007.
CVE-2018-11219
9.8An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
CVE-2018-11218
9.8Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
CVE-2018-10549
8.8An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
CVE-2018-10548
7.5An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
CVE-2018-10547
6.1An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
CVE-2018-10546
7.5An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
CVE-2018-10545
4.7An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
CVE-2018-8007
7.2Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user that CouchDB runs under, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows an existing CouchDB admin user to gain arbitrary remote code execution, bypassing already disclosed CVE-2017-12636. Mitigation: All users should upgrade to CouchDB releases 1.7.2 or 2.1.2.
CVE-2018-7584
9.8In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
CVE-2018-7445
9.8A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.
CVE-2018-5951
7.5An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
CVE-2018-5712
6.1An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
CVE-2018-5711
5.5gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.
CVE-2018-5407
4.7Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-1312
9.8In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.
CVE-2018-1303
7.5A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.
CVE-2018-1302
5.9When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.
CVE-2018-1301
5.9A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.
CVE-2018-1283
5.3In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.
CVE-2018-1159
6.5Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.
CVE-2018-1158
6.5Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.
CVE-2018-1157
6.5Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.
CVE-2018-1156
8.8Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
CVE-2018-0739
6.5Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).
CVE-2018-0737
5.9The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
CVE-2018-0734
5.9The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
CVE-2018-0732
7.5During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
2017(32)
CVE-2017-20149
9.8The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.
CVE-2017-16642
7.5In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.
CVE-2017-15715
8.1In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
CVE-2017-15710
7.5In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.
CVE-2017-12933
9.8The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
CVE-2017-12868
9.8The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation.
CVE-2017-12636
7.2CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
CVE-2017-12635
9.8Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges.
CVE-2017-11628
7.8In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives.
CVE-2017-11147
9.1In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
CVE-2017-11145
7.5In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist.
CVE-2017-11144
7.5In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.
CVE-2017-11143
7.5In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
CVE-2017-11142
7.5In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
CVE-2017-9798
7.5Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
CVE-2017-9788
9.1In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
CVE-2017-9735
7.5Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
CVE-2017-9226
9.8An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.
CVE-2017-9224
9.8An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.
CVE-2017-8923
9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
CVE-2017-7963
7.5The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.
CVE-2017-7890
6.5The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.
CVE-2017-7679
9.8In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
CVE-2017-7658
9.8In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
CVE-2017-7657
9.8In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
CVE-2017-7656
7.5In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.
CVE-2017-7272
7.4PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.
CVE-2017-3738
5.9There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
CVE-2017-3737
5.9OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.
CVE-2017-3736
6.5There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.
CVE-2017-3735
5.3While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
CVE-2017-3167
9.8In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
2016(75)
CVE-2016-10712
7.5In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker.
CVE-2016-10517
7.4networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port).
CVE-2016-10397
7.5In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).
CVE-2016-10161
7.5The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call.
CVE-2016-10159
7.5Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.
CVE-2016-10158
7.5The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1.
CVE-2016-9935
9.8The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.
CVE-2016-9934
7.5ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
CVE-2016-9933
7.5Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
CVE-2016-9138
9.8PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup.
CVE-2016-9137
9.8Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.
CVE-2016-8743
7.5Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
CVE-2016-8670
9.8Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
CVE-2016-8612
4.3Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
CVE-2016-7478
7.5Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
CVE-2016-7418
7.5The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.
CVE-2016-7417
9.8ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.
CVE-2016-7416
7.5ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument.
CVE-2016-7414
9.8The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.
CVE-2016-7413
9.8Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call.
CVE-2016-7412
8.1ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.
CVE-2016-7411
9.8ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.
CVE-2016-7132
7.5ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing.
CVE-2016-7131
7.5ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character.
CVE-2016-7130
7.5The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.
CVE-2016-7129
9.8The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document.
CVE-2016-7128
5.3The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
CVE-2016-7127
9.8The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
CVE-2016-7126
9.8The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
CVE-2016-7125
7.5ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
CVE-2016-7124
9.8ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
CVE-2016-6297
8.8Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.
CVE-2016-6296
9.8Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.
CVE-2016-6295
9.8ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
CVE-2016-6294
9.8The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.
CVE-2016-6292
6.5The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
CVE-2016-6291
9.8The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
CVE-2016-6290
9.8ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.
CVE-2016-6289
7.8Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.
CVE-2016-6288
9.8The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
CVE-2016-6174
8.1applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
CVE-2016-5773
9.8php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
CVE-2016-5772
9.8Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
CVE-2016-5771
9.8spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.
CVE-2016-5770
9.8Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
CVE-2016-5769
9.8Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
CVE-2016-5768
9.8Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
CVE-2016-5767
8.8Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
CVE-2016-5766
8.8Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
CVE-2016-5399
7.8The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.
CVE-2016-5387
8.1The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
CVE-2016-5114
9.1sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.
CVE-2016-5096
8.6Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.
CVE-2016-5095
8.6Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.
CVE-2016-5094
8.6Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
CVE-2016-5093
8.6The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
CVE-2016-4975
6.1Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).
CVE-2016-4543
9.8The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVE-2016-4542
9.8The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVE-2016-4541
9.8The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
CVE-2016-4540
9.8The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
CVE-2016-4539
9.8The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.
CVE-2016-4538
9.8The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
CVE-2016-4537
9.8The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
CVE-2016-4343
8.8The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive.
CVE-2016-4342
8.8ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive.
CVE-2016-4070
7.5Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not).
CVE-2016-3185
7.1The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
CVE-2016-3171
8.1Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
CVE-2016-3142
8.2The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
CVE-2016-3141
9.8Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
CVE-2016-2554
9.8Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive.
CVE-2016-2161
7.5In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVE-2016-1903
9.1The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.
CVE-2016-0736
7.5In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.
2015(75)
CVE-2015-9253
6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
CVE-2015-9251
6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2015-8994
7.5An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
CVE-2015-8935
6.1The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.
CVE-2015-8879
7.5The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
CVE-2015-8877
7.5The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
CVE-2015-8876
9.8Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
CVE-2015-8874
7.5Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
CVE-2015-8873
7.5Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls.
CVE-2015-8867
7.5The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
CVE-2015-8865
7.3The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.
CVE-2015-8838
5.9ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.
CVE-2015-8835
9.8The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c.
CVE-2015-8080
7.5Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.
CVE-2015-7804
6.8Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
CVE-2015-7803
6.8The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
CVE-2015-6838
7.5The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.
CVE-2015-6837
7.5The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.
CVE-2015-6836
7.3The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function.
CVE-2015-6835
9.8The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.
CVE-2015-6834
9.8Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.
CVE-2015-6833
7.5Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.
CVE-2015-6832
7.3Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.
CVE-2015-6831
7.3Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
CVE-2015-6497
8.8The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.
CVE-2015-5590
7.3Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension.
CVE-2015-5589
9.8The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.
CVE-2015-4644
7.5The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
CVE-2015-4643
9.8Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.
CVE-2015-4642
9.8The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system function.
CVE-2015-4605
7.5The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
CVE-2015-4604
7.5The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
CVE-2015-4603
9.8The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4602
9.8The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4601
9.8PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
CVE-2015-4600
9.8The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
CVE-2015-4599
9.8The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4598
6.5PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
CVE-2015-4335
10Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
CVE-2015-4148
5.0The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
CVE-2015-4147
7.5The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.
CVE-2015-4116
9.8Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.
CVE-2015-4026
7.5The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
CVE-2015-4025
7.5PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
CVE-2015-4024
5.0Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVE-2015-4022
7.5Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
CVE-2015-4021
5.0The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
CVE-2015-3416
7.5The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
CVE-2015-3415
7.5The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
CVE-2015-3414
7.5SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement.
CVE-2015-3412
5.3PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
CVE-2015-3411
6.5PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
CVE-2015-3330
6.8The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
CVE-2015-3329
7.5Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
CVE-2015-3307
7.5The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
CVE-2015-3200
7.5mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
CVE-2015-3185
4.3The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.
CVE-2015-3184
5.0mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.
CVE-2015-3183
5.0The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
CVE-2015-3152
5.9Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
CVE-2015-2787
7.5Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
CVE-2015-2783
5.8ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
CVE-2015-2348
5.0The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
CVE-2015-2331
7.5Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
CVE-2015-2326
5.5The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".
CVE-2015-2325
7.8The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
CVE-2015-2305
6.8Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
CVE-2015-2301
7.5Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
CVE-2015-1352
5.0The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.
CVE-2015-1351
7.5Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2015-0273
7.5Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.
CVE-2015-0235
10Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVE-2015-0232
6.8The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.
CVE-2015-0231
7.5Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.
CVE-2015-0228
5.0The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.
2014(46)
CVE-2014-9912
9.8The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument.
CVE-2014-9767
4.3Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.
CVE-2014-9709
5.0The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.
CVE-2014-9705
7.5Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.
CVE-2014-9653
7.5readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.
CVE-2014-9652
5.0The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.
CVE-2014-9427
7.5sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.
CVE-2014-9426
7.3The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable
CVE-2014-9425
7.5Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2014-8142
7.5Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019.
CVE-2014-8109
4.3mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.
CVE-2014-5459
3.6The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
CVE-2014-5120
6.4gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.
CVE-2014-4721
2.6The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.
CVE-2014-4698
4.6Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.
CVE-2014-4670
4.6Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.
CVE-2014-4049
5.1Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
CVE-2014-3981
3.3acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
CVE-2014-3710
5.0The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
CVE-2014-3670
6.8The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.
CVE-2014-3669
7.5Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.
CVE-2014-3668
5.0Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.
CVE-2014-3597
6.8Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
CVE-2014-3587
4.3Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
CVE-2014-3581
5.0The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
CVE-2014-3538
5.0file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.
CVE-2014-3523
5.0Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
CVE-2014-3515
7.5The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage.
CVE-2014-3487
4.3The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
CVE-2014-3480
4.3The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
CVE-2014-3479
4.3The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.
CVE-2014-3478
5.0Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.
CVE-2014-2497
4.3The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
CVE-2014-2270
4.3softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
CVE-2014-2020
5.0ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
CVE-2014-1943
5.0Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2014-0238
5.0The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
CVE-2014-0237
5.0The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
CVE-2014-0236
7.5file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.
CVE-2014-0231
5.0The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
CVE-2014-0226
6.8Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
CVE-2014-0207
4.3The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2014-0185
7.2sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
CVE-2014-0118
4.3The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
CVE-2014-0117
4.3The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
CVE-2014-0098
5.0The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
2013(18)
CVE-2013-7458
3.3linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.
CVE-2013-7456
7.6gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.
CVE-2013-7345
5.0The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
CVE-2013-7327
6.8The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.
CVE-2013-6712
5.0The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
CVE-2013-6501
4.6The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.
CVE-2013-6438
5.0The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
CVE-2013-6420
7.5The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
CVE-2013-5704
5.0The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
CVE-2013-4365
7.5Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2013-4352
4.3The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.
CVE-2013-4248
4.3The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2013-4113
6.8ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
CVE-2013-3735
7.5The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id.
CVE-2013-2765
5.0The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
CVE-2013-2220
7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2013-0942
4.3Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0941
2.1EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA Agent before 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintaining the stored data of the node secret for the SecurID Authentication API, which allows local users to obtain sensitive information via cryptographic attacks on this data.
2012(5)
CVE-2012-6708
6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2012-4360
4.3Cross-site scripting (XSS) vulnerability in the mod_pagespeed module 0.10.19.1 through 0.10.22.4 for the Apache HTTP Server allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-4001
5.0The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
CVE-2012-3526
5.0The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
CVE-2012-1171
5.0The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
2011(4)
CVE-2011-4969
4.3Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
CVE-2011-4718
6.8Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
CVE-2011-2688
7.5SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
CVE-2011-1176
4.3The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
2009(6)
CVE-2009-3767
4.3libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2009-3766
6.8mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2009-3765
6.8mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2009-2299
5.0The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
CVE-2009-1390
6.8Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trusted servers via a man-in-the-middle attack.
CVE-2009-0796
2.6Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
2007(2)
CVE-2007-4723
7.5Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
CVE-2007-3205
5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
2006(1)
CVE-2006-20001
7.5A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

OpenPorts

11131517192021222325263743495370798081828384868788899094951021041101111131191351431541611751791801891952212222643113473894004274444504655025035135155415485545875936316326366666856897717898008018338739029479929939949959991023102410291063109911101111115311671198120012071234129213111337134413551366140014331446145114541455145914601471150015211557158815991604160516501723174118011883190119111925192619351947195219531962196719741975197820002002200320082018202120492050205120542057206420672070208020812082208320862087210021092121212221542181220122222271232323272332234523752376237924042455248025252558255925662628270927612762300030013006300930193020305030523058305930603072307630853090310031073111311631203123312431283129313231413147315031583160316331673189319231953256326032683269327032993301330633103349338833893406340834103500350335213541354235503551355335553559356335673568356935723590368937493780379037933794384139103922400040224023404040424063406440724150420042424243428243214369440044014402443344344438443944434444445944994500450645674602466447474782478648214840484848994911494950005001500250045005500650075009501050255080508350895140515051605172518051905201522252255230523152365237524452505254526852695274527553575432543554445494554355575560559055935595560156025640567257215800580158585901590859125938598459855986599160006001600260036010602160506080613462626379643364436482650365446556658166336653666466666667666866976775679968877001700370167071708871717218727273737434744374657474753775477548763476547657767677757777777877797788779978787887797979898000800180038008800980108011801380198020802180248040804680498053805880608063806680698076807880808081808280838084808580868087808980908094809580988099810781128121812281238126813981408146814981548163816481708172817381768181818882008237824882808282828582918316831883338334840884148419842384348443845084518463847584808482849384948500850285068520852985308543854585548558856885758577858085928596859786028606862286238649866386868724872887328767877987888800880188048806881388278832883488438845884788538868887188748875887688778879888088848885888888898899891389158969900090019002900990129013902090339035904290459047904890519052905390559058906590679071907390749079908090829083908490909091909291009101910591149130913191369138914591469151916091639166916991789180918191869191919491969200920892159216924892529291929593069308930993159333935193989418944394659480951395309553959596009611968297619779980098699876989899169918993099399943994499819988999399989999100001000110002100031000810012100151001710019100271002910039100431004510049100501005110068100821008310086101001018010181102091021010243102501034810380103901044310554109111093311000110751108211112112101121111288113001137111434116021200012001121031210912111121131211512118121301213612146121531217012173121741218012182121941219512204122131221412229122361224112251122571225812259122621226712269122731227812291122931229512299123061230812323123271232812340123441234512351123541235512357123621237612386123901239312394123981240312404124061240812426124301243312442124481245312467124701247312475124771249012492124931250012507125141252112525125271255412563125681257112581129021298013001130471344313579137801408214147142651433014401144021487314905151231544316008160101601116019160301603416037160431604616059160711608216088160931610216104164001666716992169931700017082171841777317778177801800118005180061801518027180381803918042180491805318055180561806718075180801808118088180901809418105182391824518264184431855318556190001901419016190711909119930199992000020010200822008420100201072015020256205472088021025212322123521247212532125621258212692127721288212892129521307213182132121324213262135721379220842240322556226092270323023230842342425001250072508225105255652665626657270152801528017280802984030001300023000330022300233008330120301223022230422304793052230700307223082230922310223112231222313223133731380314433144431522316223172231922320223212232322324003242232522326223274632764328003292233022330603312233222333223342233522336223382234422345003452234622348223500035100352413532235422355223555435560356223572236022361223642236522366223672236922369823702237080371223721537222373223742237443375223762237722377773782237922380223812238222383333852238622387223882238922390223912239222394223952239622398223992240000400014002240222403224062240722410224112241222414434152241800418224192242022422224242243222433224352243622437224382244021440224412244158443024432044322444224452244622448184492245000451114512245222453224533345622456774582245886458884600146122462224632246422465224692247000471224732247422475224762247722478224792247990480024801848222484224852248622487224882248922490224908049152492224942249922500005000250007500085005050070501005010551004511065123551443523115286952881534005341353480534905413855000550225542255442554435547055490555225555355554556225572255822570225752257622577225782257922583225837858392584225852258822589225912259222593225952260001600106003060099601026161361616616176207863210632566325763260
11 / tcp
-2031469209 | 2025-03-17T08:13:11.266963
13 / tcp
-2031469209 | 2025-03-17T02:59:52.123036
15 / tcp
-98713449 | 2025-03-16T11:17:27.134183
17 / tcp
-98713449 | 2025-03-17T01:14:12.045194
19 / tcp
-98713449 | 2025-03-16T05:29:25.958363
20 / tcp
-2031469209 | 2025-03-13T05:06:13.567144
21 / tcp
-1063174948 | 2025-03-17T06:38:56.787650
22 / tcp
-433191774 | 2025-03-17T02:15:15.524107
23 / tcp
-913780659 | 2025-03-17T04:16:13.719680
25 / tcp
786525225 | 2025-03-17T06:15:34.157243
26 / tcp
-7079952 | 2025-03-17T04:29:29.992551
37 / tcp
-2031469209 | 2025-03-17T04:06:22.987570
43 / tcp
-98713449 | 2025-03-17T04:30:34.685388
49 / tcp
-98713449 | 2025-03-17T01:15:51.409643
53 / tcp
-2031469209 | 2025-03-17T01:28:07.898250
70 / tcp
-2031469209 | 2025-03-16T23:35:43.908421
79 / tcp
-2031469209 | 2025-03-16T22:34:23.199247
80 / tcp
-1645651147 | 2025-03-16T22:13:16.217869
81 / tcp
-1280486690 | 2025-03-17T00:33:04.619893
82 / tcp
1954120640 | 2025-03-17T03:35:04.940798
83 / tcp
-1280486690 | 2025-03-17T01:58:13.320557
84 / tcp
870917816 | 2025-03-16T23:58:23.025078
86 / tcp
-207704745 | 2025-03-13T19:34:24.579207
87 / tcp
-1750100962 | 2025-02-26T12:19:59.127924
88 / tcp
-1280486690 | 2025-03-17T02:38:17.654270
89 / tcp
-207704745 | 2025-03-09T22:40:36.917000
90 / tcp
-488469797 | 2025-02-27T01:08:06.239666
94 / tcp
-98713449 | 2025-03-16T18:46:24.729058
95 / tcp
-98713449 | 2025-03-12T09:05:45.371817
102 / tcp
-623041173 | 2025-03-17T05:32:31.687756
104 / tcp
-98713449 | 2025-03-17T00:08:06.350084
110 / tcp
-776469200 | 2025-03-17T04:54:04.339301
111 / tcp
-2031469209 | 2025-03-17T03:42:03.499296
113 / tcp
-98713449 | 2025-03-17T04:57:55.676734
119 / tcp
-2031469209 | 2025-03-17T03:33:52.177730
135 / tcp
-98713449 | 2025-03-07T17:57:50.025803
143 / tcp
-1687578356 | 2025-03-17T03:35:20.980065
154 / tcp
-98713449 | 2025-03-13T07:26:09.179014
161 / udp
-289893565 | 2025-03-10T01:30:31.083937
175 / tcp
-98713449 | 2025-03-17T04:16:42.076517
179 / tcp
-98713449 | 2025-03-17T07:59:45.426183
180 / tcp
-98713449 | 2025-03-16T22:30:31.200556
189 / tcp
-2031469209 | 2025-03-10T09:10:43.979826
195 / tcp
-2031469209 | 2025-03-17T06:30:26.196445
221 / tcp
-2031469209 | 2025-03-17T03:12:08.590887
222 / tcp
-1237317262 | 2025-03-10T15:43:43.628546
264 / tcp
-98713449 | 2025-03-17T01:24:46.235683
311 / tcp
1094048410 | 2025-03-17T01:52:55.776779
347 / tcp
-98713449 | 2025-03-05T15:28:51.434363
389 / tcp
-98713449 | 2025-03-17T06:02:30.504240
400 / tcp
-98713449 | 2025-02-22T15:39:57.582890
427 / tcp
-1453395553 | 2025-03-17T01:33:49.570457
444 / tcp
-1454941180 | 2025-03-17T05:57:06.240803
450 / tcp
-2031469209 | 2025-03-06T12:11:35.193675
465 / tcp
-2031469209 | 2025-03-17T04:14:34.626829
502 / tcp
-236382233 | 2025-03-17T05:55:37.452793
503 / tcp
-98713449 | 2025-03-17T05:35:45.254863
513 / tcp
-2031469209 | 2025-03-12T09:29:25.509161
515 / tcp
-2031469209 | 2025-03-16T21:59:07.972481
541 / tcp
-98713449 | 2025-02-23T00:43:34.391046
548 / tcp
-2031469209 | 2025-03-17T00:27:09.652563
554 / tcp
-2031469209 | 2025-03-16T22:34:54.361121
587 / tcp
-98713449 | 2025-03-16T22:32:19.129444
593 / tcp
-2031469209 | 2025-03-17T05:55:58.758912
631 / tcp
998037014 | 2025-03-17T02:33:06.105422
632 / tcp
998037014 | 2025-03-12T21:39:36.486736
636 / tcp
998037014 | 2025-03-17T04:00:51.431870
666 / tcp
-98713449 | 2025-03-17T05:28:46.897255
685 / tcp
-2031469209 | 2025-03-16T03:10:49.221826
689 / tcp
-98713449 | 2025-03-12T02:30:29.168074
771 / tcp
-98713449 | 2025-03-17T04:52:07.294230
789 / tcp
-98713449 | 2025-03-17T07:24:16.246856
800 / tcp
-2031469209 | 2025-03-09T18:04:43.795160
801 / tcp
-2031469209 | 2025-02-26T13:00:38.409682
833 / tcp
-98713449 | 2025-02-25T02:05:27.405029
873 / tcp
-98713449 | 2025-03-16T22:56:24.703738
902 / tcp
-2031469209 | 2025-03-17T03:32:10.238986
947 / tcp
-2031469209 | 2025-02-28T06:29:02.622309
992 / tcp
-2031469209 | 2025-03-16T19:20:19.239422
993 / tcp
-98713449 | 2025-03-17T05:53:31.275495
994 / tcp
-2031469209 | 2025-03-13T05:26:40.747677
995 / tcp
-2031469209 | 2025-03-17T04:49:39.862250
999 / tcp
-98713449 | 2025-03-13T00:22:28.445224
1023 / tcp
2145920618 | 2025-03-17T05:41:29.657451
1024 / tcp
-2031469209 | 2025-03-17T04:13:54.614748
1029 / tcp
-2031469209 | 2025-02-23T09:51:34.273334
1063 / tcp
-2031469209 | 2025-03-09T19:38:46.719837
1099 / tcp
1143634665 | 2025-03-17T06:31:37.903744
1110 / tcp
-98713449 | 2025-03-13T02:23:49.736772
1111 / tcp
-2031469209 | 2025-03-11T02:52:17.056252
1153 / tcp
-2031469209 | 2025-03-16T22:41:00.708079
1167 / tcp
-98713449 | 2025-03-13T14:44:55.991883
1198 / tcp
-98713449 | 2025-03-12T22:53:56.798501
1200 / tcp
-98713449 | 2025-03-17T02:19:58.151274
1207 / tcp
-2031469209 | 2025-03-13T12:43:47.455976
1234 / tcp
-1198227559 | 2025-03-16T14:57:21.824365
1292 / tcp
-98713449 | 2025-03-16T15:56:43.745607
1311 / tcp
-2031469209 | 2025-03-17T03:14:21.692497
1337 / tcp
670358429 | 2025-03-17T07:41:02.330504
1344 / tcp
-2031469209 | 2025-03-12T07:55:15.546305
1355 / tcp
-98713449 | 2025-02-26T11:01:59.814431
1366 / tcp
-98713449 | 2025-03-08T22:08:09.943712
1400 / tcp
-98713449 | 2025-03-17T07:23:10.297971
1433 / tcp
1339473574 | 2025-03-16T23:51:29.429004
1446 / tcp
-2031469209 | 2025-03-16T18:16:28.741127
1451 / tcp
-2031469209 | 2025-03-11T08:47:19.539447
1454 / tcp
-98713449 | 2025-03-08T21:21:03.258147
1455 / tcp
-98713449 | 2025-03-03T21:23:19.667903
1459 / tcp
-2031469209 | 2025-03-16T13:41:06.525502
1460 / tcp
-98713449 | 2025-03-11T14:25:22.041192
1471 / tcp
-98713449 | 2025-03-17T06:00:03.079866
1500 / tcp
-2031469209 | 2025-03-17T05:42:50.084842
1521 / tcp
-98713449 | 2025-03-17T04:55:50.407766
1557 / tcp
-98713449 | 2025-03-11T15:31:18.273999
1588 / tcp
-2031469209 | 2025-03-16T23:37:58.702278
1599 / tcp
-98713449 | 2025-03-17T01:41:18.515636
1604 / tcp
-2031469209 | 2025-03-17T04:13:07.707889
1605 / tcp
-98713449 | 2025-03-16T13:09:41.380914
1650 / tcp
-98713449 | 2025-03-14T21:58:57.912704
1723 / tcp
-98713449 | 2025-03-16T19:17:42.975305
1741 / tcp
-2031469209 | 2025-03-17T07:11:26.170011
1883 / tcp
-2031469209 | 2025-03-17T01:56:12.135447
1901 / tcp
-98713449 | 2025-02-23T13:06:38.255739
1911 / tcp
-98713449 | 2025-03-17T03:56:02.551417
1925 / tcp
-2031469209 | 2025-03-17T06:01:30.223641
1926 / tcp
411540654 | 2025-03-17T07:06:47.632817
1935 / tcp
-98713449 | 2025-03-16T14:32:31.587312
1947 / tcp
-98713449 | 2025-02-23T20:02:16.715388
1952 / tcp
-98713449 | 2025-03-12T15:03:25.486334
1953 / tcp
-2031469209 | 2025-02-23T15:49:34.665113
1962 / tcp
-98713449 | 2025-03-17T07:56:00.766483
1967 / tcp
-98713449 | 2025-03-08T20:31:19.884711
1974 / tcp
-2031469209 | 2025-03-08T18:32:17.552998
1975 / tcp
-2031469209 | 2025-03-15T02:36:08.396205
1978 / tcp
-98713449 | 2025-03-13T22:50:28.127666
2000 / tcp
-2031469209 | 2025-03-16T22:31:47.780848
2002 / tcp
-2031469209 | 2025-03-16T22:37:24.759821
2003 / tcp
-98713449 | 2025-03-13T11:07:31.517236
2008 / tcp
-98713449 | 2025-03-12T10:11:48.561276
2018 / tcp
-2031469209 | 2025-02-26T06:23:07.841708
2021 / tcp
-2031469209 | 2025-02-26T08:50:43.799151
2049 / tcp
1500500966 | 2025-03-07T18:02:44.619196
2050 / tcp
-98713449 | 2025-03-15T02:25:28.677558
2051 / tcp
-98713449 | 2025-02-22T19:32:56.586460
2054 / tcp
-98713449 | 2025-03-13T04:58:15.108687
2057 / tcp
-98713449 | 2025-03-03T18:02:30.196944
2064 / tcp
-98713449 | 2025-03-17T03:51:18.917636
2067 / tcp
-98713449 | 2025-03-17T04:41:57.009851
2070 / tcp
-2031469209 | 2025-02-27T15:50:18.616803
2080 / tcp
-2031469209 | 2025-03-15T12:12:29.770073
2081 / tcp
-98713449 | 2025-03-17T01:38:42.100245
2082 / tcp
-98713449 | 2025-03-16T23:12:59.112105
2083 / tcp
1094048410 | 2025-03-16T22:49:55.857370
2086 / tcp
-1475755397 | 2025-03-17T05:02:12.286013
2087 / tcp
-1475755397 | 2025-03-17T05:26:31.862890
2100 / tcp
-2031469209 | 2025-03-11T23:41:47.770893
2109 / tcp
-2031469209 | 2025-03-15T18:00:46.941779
2121 / tcp
-2031469209 | 2025-03-17T05:08:17.871468
2122 / tcp
-98713449 | 2025-02-22T21:29:16.939888
2154 / tcp
-98713449 | 2025-03-17T04:50:26.089329
2181 / tcp
-2031469209 | 2025-03-16T22:36:17.662849
2201 / tcp
-98713449 | 2025-03-15T12:54:20.523538
2222 / tcp
-474542291 | 2025-03-17T07:19:43.420439
2271 / tcp
-2031469209 | 2025-03-16T19:53:20.741823
2323 / tcp
1672425963 | 2025-03-17T06:57:29.071675
2327 / tcp
-2031469209 | 2025-02-23T05:51:18.890590
2332 / tcp
-2031469209 | 2025-03-16T18:30:27.657362
2345 / tcp
-2031469209 | 2025-03-17T07:51:02.628983
2375 / tcp
-98713449 | 2025-03-17T06:21:45.618091
2379 / tcp
-98713449 | 2025-03-17T00:15:57.520863
2404 / tcp
-1863726365 | 2025-03-17T07:22:09.060225
2455 / tcp
-98713449 | 2025-03-17T07:08:48.321028
2480 / tcp
1500500966 | 2025-02-25T20:50:02.614400
2525 / tcp
-98713449 | 2025-03-06T08:44:56.684987
2558 / tcp
-98713449 | 2025-03-04T09:56:34.375910
2559 / tcp
-98713449 | 2025-03-16T05:03:27.275729
2566 / tcp
-98713449 | 2025-03-05T16:31:27.671109
2709 / tcp
-98713449 | 2025-02-23T15:11:55.463090
2761 / tcp
-98713449 | 2025-03-17T08:14:57.221386
2762 / tcp
-98713449 | 2025-03-17T06:05:29.621899
3000 / tcp
-291974457 | 2025-03-16T21:38:46.290228
3001 / tcp
-2031469209 | 2025-03-17T06:23:59.626043
3006 / tcp
-98713449 | 2025-03-04T00:27:34.467241
3009 / tcp
-2031469209 | 2025-03-15T19:44:34.725831
3019 / tcp
-98713449 | 2025-02-25T11:24:48.587247
3020 / tcp
-98713449 | 2025-03-15T21:23:49.954138
3050 / tcp
-2031469209 | 2025-03-17T02:48:59.974033
3052 / tcp
-2031469209 | 2025-03-13T18:52:54.102083
3058 / tcp
-98713449 | 2025-03-06T10:52:02.378382
3059 / tcp
-98713449 | 2025-03-09T19:53:52.056036
3060 / tcp
-98713449 | 2025-02-26T12:38:58.060087
3072 / tcp
-2031469209 | 2025-02-23T07:47:21.029193
3076 / tcp
-2031469209 | 2025-03-12T20:27:17.840031
3085 / tcp
-98713449 | 2025-03-12T18:34:38.279377
3090 / tcp
-2031469209 | 2025-03-12T11:57:32.741064
3100 / tcp
-2031469209 | 2025-02-26T07:51:00.359803
3107 / tcp
-2031469209 | 2025-03-11T07:48:12.032228
3111 / tcp
-2031469209 | 2025-03-13T23:49:12.423878
3116 / tcp
-98713449 | 2025-02-28T23:55:56.084613
3120 / tcp
-98713449 | 2025-03-04T12:34:39.276598
3123 / tcp
-98713449 | 2025-03-05T11:49:04.304717
3124 / tcp
-98713449 | 2025-03-06T18:04:47.314682
3128 / tcp
-98713449 | 2025-03-17T07:25:35.783216
3129 / tcp
-2031469209 | 2025-02-24T05:15:47.561139
3132 / tcp
-2031469209 | 2025-03-03T21:21:57.170426
3141 / tcp
-98713449 | 2025-03-06T20:03:48.581641
3147 / tcp
-98713449 | 2025-02-25T23:11:43.861837
3150 / tcp
-98713449 | 2025-02-28T15:47:36.861073
3158 / tcp
-2031469209 | 2025-03-05T09:29:40.408447
3160 / tcp
-2031469209 | 2025-02-27T15:48:05.897113
3163 / tcp
-98713449 | 2025-02-28T04:22:44.403894
3167 / tcp
-2031469209 | 2025-03-11T13:08:19.667156
3189 / tcp
-98713449 | 2025-03-16T19:44:12.134039
3192 / tcp
-2031469209 | 2025-03-13T15:35:31.779538
3195 / tcp
-98713449 | 2025-02-22T21:21:41.107566
3256 / tcp
1094048410 | 2025-03-14T16:47:42.592227
3260 / tcp
-2031469209 | 2025-03-16T17:40:31.768078
3268 / tcp
-2031469209 | 2025-03-17T05:05:09.278861
3269 / tcp
-98713449 | 2025-03-16T23:11:45.154779
3270 / tcp
-98713449 | 2025-03-11T13:50:44.995368
3299 / tcp
-2031469209 | 2025-03-17T05:13:49.113974
3301 / tcp
-2031469209 | 2025-03-17T08:11:34.499748
3306 / tcp
-740155298 | 2025-03-16T22:02:24.657639
3310 / tcp
-98713449 | 2025-03-17T06:02:39.057018
3349 / tcp
-2031469209 | 2025-02-28T11:38:50.828379
3388 / tcp
-2031469209 | 2025-03-17T06:45:06.430140
3389 / tcp
981973376 | 2025-03-17T04:51:47.231354
3406 / tcp
-2031469209 | 2025-03-04T14:41:00.482233
3408 / tcp
-98713449 | 2025-03-05T22:05:51.357833
3410 / tcp
-2031469209 | 2025-03-13T06:18:07.565828
3500 / tcp
-2031469209 | 2025-03-06T11:53:55.841242
3503 / tcp
-98713449 | 2025-03-15T16:52:55.902916
3521 / tcp
-98713449 | 2025-03-16T23:36:22.726392
3541 / tcp
-98713449 | 2025-03-17T07:10:00.959027
3542 / tcp
-98713449 | 2025-03-17T00:49:35.635980
3550 / tcp
-2031469209 | 2025-02-25T09:58:57.407592
3551 / tcp
-98713449 | 2025-03-17T07:20:14.723300
3553 / tcp
-2031469209 | 2025-03-17T00:53:08.046277
3555 / tcp
-98713449 | 2025-02-23T16:18:37.931621
3559 / tcp
-98713449 | 2025-03-07T16:41:55.901668
3563 / tcp
-98713449 | 2025-03-07T04:40:13.486084
3567 / tcp
-98713449 | 2025-02-25T11:16:38.329661
3568 / tcp
-98713449 | 2025-03-15T22:17:09.709793
3569 / tcp
-2031469209 | 2025-02-27T14:13:16.331610
3572 / tcp
-2031469209 | 2025-03-08T11:29:04.600996
3590 / tcp
-98713449 | 2025-03-07T02:58:46.292497
3689 / tcp
-98713449 | 2025-03-17T05:49:57.261796
3749 / tcp
-98713449 | 2025-03-17T04:30:34.504883
3780 / tcp
1094048410 | 2025-03-17T06:51:50.932415
3790 / tcp
411540654 | 2025-03-17T01:10:43.302225
3793 / tcp
-2031469209 | 2025-03-12T18:29:19.706367
3794 / tcp
-98713449 | 2025-03-05T05:58:54.208867
3841 / tcp
-2031469209 | 2025-03-15T22:25:38.431539
3910 / tcp
-98713449 | 2025-02-28T02:04:27.159469
3922 / tcp
-2031469209 | 2025-03-14T21:52:46.201302
4000 / tcp
-98713449 | 2025-03-17T04:12:06.446412
4022 / tcp
-597069886 | 2025-03-17T01:34:03.309294
4023 / tcp
-2031469209 | 2025-03-05T15:38:56.726136
4040 / tcp
-98713449 | 2025-03-17T06:59:49.146827
4042 / tcp
-2031469209 | 2025-03-05T19:44:51.475386
4063 / tcp
-98713449 | 2025-03-17T06:08:55.715712
4064 / tcp
-98713449 | 2025-03-17T02:25:02.663059
4072 / tcp
-2031469209 | 2025-03-13T13:15:50.766952
4150 / tcp
-98713449 | 2025-02-27T03:51:25.224806
4200 / tcp
-2031469209 | 2025-03-12T20:57:49.125003
4242 / tcp
2075743839 | 2025-03-17T07:43:06.521338
4243 / tcp
-2031469209 | 2025-03-12T08:40:27.537317
4282 / tcp
-2031469209 | 2025-03-16T14:12:52.743940
4321 / tcp
-98713449 | 2025-03-17T04:52:56.235241
4369 / tcp
-2031469209 | 2025-03-16T16:43:55.788488
4400 / tcp
-98713449 | 2025-03-13T14:33:36.516838
4401 / tcp
-2031469209 | 2025-03-10T20:47:43.774879
4402 / tcp
-2031469209 | 2025-03-11T14:42:01.464264
4433 / tcp
864306896 | 2025-03-17T07:32:34.369631
4434 / tcp
1094048410 | 2025-03-13T15:28:15.718761
4438 / tcp
-98713449 | 2025-03-16T20:32:41.706046
4439 / tcp
-2031469209 | 2025-03-09T09:29:09.898329
4443 / tcp
1059152961 | 2025-03-17T08:13:55.408080
4459 / tcp
-98713449 | 2025-03-05T11:07:29.674921
4499 / tcp
-2031469209 | 2025-03-11T14:18:34.839197
4500 / tcp
-98713449 | 2025-03-17T08:14:28.817427
4506 / tcp
-98713449 | 2025-03-17T01:12:44.154762
4567 / tcp
-2031469209 | 2025-03-17T07:11:24.641763
4602 / tcp
-2031469209 | 2025-02-26T09:38:13.232476
4664 / tcp
-98713449 | 2025-03-17T06:08:38.197124
4747 / tcp
-2031469209 | 2025-02-28T20:33:59.320005
4782 / tcp
-98713449 | 2025-03-17T01:10:51.128135
4786 / tcp
-1478571435 | 2025-03-17T00:36:09.724915
4821 / tcp
-98713449 | 2025-03-05T11:24:37.476825
4840 / tcp
-98713449 | 2025-03-16T21:52:27.856370
4848 / tcp
-98713449 | 2025-03-17T05:01:22.919381
4899 / tcp
-2031469209 | 2025-03-16T22:07:50.446332
4911 / tcp
-2031469209 | 2025-03-17T02:01:51.011593
4949 / tcp
-2031469209 | 2025-03-17T06:09:25.010851
5000 / tcp
-1514911176 | 2025-03-16T19:06:37.372530
5002 / tcp
-2031469209 | 2025-02-22T16:22:11.344177
5004 / tcp
-98713449 | 2025-02-24T17:47:29.126826
5005 / tcp
-98713449 | 2025-03-17T05:58:44.553662
5006 / tcp
411540654 | 2025-03-17T03:33:19.814197
5007 / tcp
-98713449 | 2025-03-17T01:16:20.355685
5009 / tcp
-98713449 | 2025-03-17T01:29:35.309613
5010 / tcp
-2031469209 | 2025-03-17T04:04:15.218137
5025 / tcp
-2031469209 | 2025-03-16T21:03:42.991298
5080 / tcp
-98713449 | 2025-03-14T18:10:27.853227
5083 / tcp
-98713449 | 2025-02-27T09:43:40.015794
5089 / tcp
-98713449 | 2025-03-09T09:42:07.607559
5140 / tcp
-2031469209 | 2025-03-08T12:28:59.796904
5150 / tcp
-2031469209 | 2025-03-14T14:50:50.468740
5160 / tcp
-98713449 | 2025-03-16T02:42:43.377715
5172 / tcp
1094048410 | 2025-03-17T02:51:49.712191
5180 / tcp
-98713449 | 2025-03-09T22:16:06.197944
5190 / tcp
-98713449 | 2025-02-28T09:39:15.523340
5201 / tcp
-2031469209 | 2025-03-17T02:27:21.735155
5222 / tcp
-98713449 | 2025-03-17T07:53:57.470210
5225 / tcp
-2031469209 | 2025-03-06T07:51:20.270987
5230 / tcp
-2031469209 | 2025-03-10T05:03:38.984886
5231 / tcp
-98713449 | 2025-03-13T04:47:23.144786
5236 / tcp
-98713449 | 2025-03-04T21:33:05.911741
5237 / tcp
-98713449 | 2025-03-07T04:45:46.038743
5244 / tcp
-2031469209 | 2025-02-22T21:53:33.020764
5250 / tcp
-98713449 | 2025-03-12T19:12:40.555955
5254 / tcp
-2031469209 | 2025-03-15T19:51:20.186255
5268 / tcp
-2031469209 | 2025-02-28T12:10:32.889784
5269 / tcp
-98713449 | 2025-03-17T07:38:41.292799
5274 / tcp
-2031469209 | 2025-03-12T01:19:57.280004
5275 / tcp
-98713449 | 2025-03-11T19:03:55.392377
5357 / tcp
-98713449 | 2025-03-17T05:13:38.201789
5432 / tcp
-726790289 | 2025-03-17T06:53:56.435005
5435 / tcp
-2031469209 | 2025-03-17T00:42:52.952800
5444 / tcp
-98713449 | 2025-03-14T02:21:41.065702
5494 / tcp
-2031469209 | 2025-02-27T09:47:25.184562
5543 / tcp
-98713449 | 2025-03-16T21:13:03.391255
5557 / tcp
-98713449 | 2025-03-14T15:15:26.499269
5560 / tcp
-98713449 | 2025-03-17T06:00:28.953077
5590 / tcp
-98713449 | 2025-03-14T15:43:30.904102
5593 / tcp
-98713449 | 2025-02-27T15:30:45.622173
5595 / tcp
-98713449 | 2025-03-04T23:55:39.083567
5601 / tcp
997310454 | 2025-03-17T05:28:17.598748
5602 / tcp
-2031469209 | 2025-03-17T07:11:01.844063
5640 / tcp
-2031469209 | 2025-03-12T16:02:26.510881
5721 / tcp
-2031469209 | 2025-03-14T21:30:50.322294
5800 / tcp
-98713449 | 2025-03-15T20:32:02.590277
5801 / tcp
-98713449 | 2025-03-17T00:54:34.594640
5858 / tcp
-98713449 | 2025-03-17T03:55:34.689369
5901 / tcp
-2031469209 | 2025-03-17T07:13:04.175798
5908 / tcp
-2031469209 | 2025-03-14T01:44:56.907012
5912 / tcp
-2031469209 | 2025-02-28T08:27:03.962963
5938 / tcp
-2031469209 | 2025-03-16T21:53:03.646795
5984 / tcp
-453886593 | 2025-03-17T01:33:52.819175
5985 / tcp
-427937664 | 2025-03-17T01:45:46.593021
5986 / tcp
1276237877 | 2025-03-17T06:30:55.165433
5991 / tcp
-98713449 | 2025-03-05T16:38:55.583747
6000 / tcp
-2031469209 | 2025-03-16T23:59:13.633600
6001 / tcp
-2031469209 | 2025-03-17T02:30:17.409554
6002 / tcp
-2031469209 | 2025-03-17T04:49:11.529486
6003 / tcp
-98713449 | 2025-03-07T16:29:40.864679
6010 / tcp
-2031469209 | 2025-02-26T04:50:30.432886
6021 / tcp
-2031469209 | 2025-03-16T00:46:03.218956
6050 / tcp
-98713449 | 2025-03-14T12:24:01.636504
6080 / tcp
-98713449 | 2025-03-17T00:25:45.605508
6134 / tcp
-2031469209 | 2025-02-28T21:18:54.768521
6262 / tcp
-98713449 | 2025-02-25T22:16:21.532486
6379 / tcp
-1963419546 | 2025-03-17T04:25:21.192050
6433 / tcp
-2031469209 | 2025-02-25T21:45:22.955416
6443 / tcp
411540654 | 2025-03-16T23:31:01.399172
6482 / tcp
-98713449 | 2025-02-28T18:59:59.579498
6503 / tcp
-2031469209 | 2025-02-26T01:56:38.587321
6544 / tcp
-98713449 | 2025-03-03T17:40:21.858789
6556 / tcp
-98713449 | 2025-02-23T17:53:43.071689
6581 / tcp
-2031469209 | 2025-03-06T13:15:42.213086
6633 / tcp
-98713449 | 2025-03-17T06:36:53.389495
6653 / tcp
-2031469209 | 2025-03-16T23:36:46.326406
6664 / tcp
-98713449 | 2025-03-17T07:08:38.357463
6666 / tcp
-2031469209 | 2025-03-17T00:30:10.478593
6667 / tcp
-98713449 | 2025-03-17T05:05:26.189146
6668 / tcp
-98713449 | 2025-03-17T02:37:01.962652
6697 / tcp
-98713449 | 2025-03-17T02:04:34.340241
6775 / tcp
-2031469209 | 2025-03-09T19:30:11.913321
6799 / tcp
-2031469209 | 2025-02-25T06:25:00.574294
6887 / tcp
-98713449 | 2025-03-12T17:01:51.596953
7001 / tcp
-1514911176 | 2025-03-17T00:13:09.579176
7003 / tcp
-98713449 | 2025-03-09T17:25:16.428375
7016 / tcp
-2031469209 | 2025-02-26T19:29:24.488527
7071 / tcp
411540654 | 2025-03-16T23:19:42.183376
7088 / tcp
-98713449 | 2025-02-27T21:02:54.566529
7171 / tcp
-98713449 | 2025-03-17T01:32:48.478582
7218 / tcp
-2031469209 | 2025-03-17T06:45:17.404221
7272 / tcp
-98713449 | 2025-03-06T18:29:03.062786
7373 / tcp
-98713449 | 2025-03-17T08:09:11.481727
7434 / tcp
411540654 | 2025-03-12T20:27:01.114160
7443 / tcp
411540654 | 2025-03-17T06:47:48.519799
7465 / tcp
-98713449 | 2025-03-11T10:01:58.067083
7474 / tcp
2105495716 | 2025-03-17T02:28:56.785691
7537 / tcp
-2031469209 | 2025-02-23T01:49:15.158607
7547 / tcp
430537855 | 2025-03-16T15:15:43.086744
7548 / tcp
411540654 | 2025-03-17T00:25:27.091289
7634 / tcp
-98713449 | 2025-03-16T16:19:00.839772
7654 / tcp
-98713449 | 2025-02-28T03:05:57.836444
7657 / tcp
-98713449 | 2025-03-16T22:31:51.867922
7676 / tcp
-98713449 | 2025-02-28T22:26:07.859294
7775 / tcp
-98713449 | 2025-03-16T16:49:17.198416
7777 / tcp
-2031469209 | 2025-03-17T04:06:55.835636
7778 / tcp
-98713449 | 2025-03-05T13:35:11.613471
7779 / tcp
-98713449 | 2025-03-16T12:58:01.168547
7788 / tcp
-98713449 | 2025-03-06T12:25:02.190150
7799 / tcp
-98713449 | 2025-03-06T15:50:33.237376
7878 / tcp
-98713449 | 2025-03-08T14:16:24.376408
7887 / tcp
-2031469209 | 2025-03-03T21:20:59.923185
7979 / tcp
-98713449 | 2025-02-26T20:33:24.815139
7989 / tcp
-98713449 | 2025-03-16T21:45:23.454813
8000 / tcp
870917816 | 2025-03-17T02:16:53.582248
8001 / tcp
-1536440993 | 2025-03-17T04:51:05.779521
8003 / tcp
-207704745 | 2025-03-11T07:59:17.683946
8008 / tcp
-1280486690 | 2025-03-17T06:42:15.548679
8010 / tcp
-1280486690 | 2025-03-17T05:03:06.861710
8011 / tcp
-98713449 | 2025-03-13T19:38:20.968933
8013 / tcp
-2031469209 | 2025-03-16T07:44:45.706673
8019 / tcp
-2031469209 | 2025-03-13T22:04:08.686012
8020 / tcp
-2031469209 | 2025-03-11T02:55:37.449709
8021 / tcp
-98713449 | 2025-02-28T16:28:08.255977
8024 / tcp
-2031469209 | 2025-03-05T04:12:18.679039
8040 / tcp
-98713449 | 2025-03-13T23:38:13.524465
8046 / tcp
-2031469209 | 2025-02-27T16:22:03.822879
8049 / tcp
-2031469209 | 2025-03-06T23:49:11.303215
8053 / tcp
-98713449 | 2025-03-15T15:28:17.283623
8058 / tcp
-98713449 | 2025-03-07T14:29:08.015248
8060 / tcp
-98713449 | 2025-03-16T18:24:44.564034
8063 / tcp
-98713449 | 2025-02-27T04:12:47.340691
8066 / tcp
-2031469209 | 2025-02-24T18:27:31.803080
8069 / tcp
-2031469209 | 2025-03-17T07:41:17.050615
8076 / tcp
-98713449 | 2025-03-05T07:02:07.463710
8078 / tcp
-2031469209 | 2025-03-09T15:28:59.939172
8080 / tcp
-1972664738 | 2025-03-17T10:34:19.506593
8081 / tcp
-1111946469 | 2025-03-17T04:06:45.144028
8082 / tcp
-1820446516 | 2025-02-25T14:14:44.590669
8084 / tcp
-1820446516 | 2025-02-25T05:43:09.845720
8085 / tcp
-1911943516 | 2025-03-10T03:15:45.461737
8086 / tcp
-1280486690 | 2025-03-17T02:38:46.739644
8090 / tcp
1685468267 | 2025-03-17T00:02:49.321878
8094 / tcp
-2031469209 | 2025-03-09T08:26:05.718577
8095 / tcp
413897648 | 2025-03-11T05:26:28.060573
8098 / tcp
-2031469209 | 2025-03-17T03:36:41.520807
8099 / tcp
-704785880 | 2025-03-16T22:48:41.935266
8107 / tcp
-2031469209 | 2025-03-15T00:04:12.920722
8112 / tcp
-2031469209 | 2025-03-16T13:45:33.428987
8121 / tcp
-98713449 | 2025-02-26T09:09:53.218389
8122 / tcp
-98713449 | 2025-03-07T03:25:32.283758
8123 / tcp
-98713449 | 2025-03-17T06:35:54.798345
8126 / tcp
-98713449 | 2025-03-17T06:15:58.120958
8139 / tcp
1094048410 | 2025-03-17T05:11:32.283985
8140 / tcp
411540654 | 2025-03-17T06:59:28.958435
8146 / tcp
-2031469209 | 2025-02-28T01:56:12.456533
8149 / tcp
-2031469209 | 2025-02-22T20:29:51.998871
8154 / tcp
-98713449 | 2025-03-14T05:13:13.116634
8163 / tcp
-98713449 | 2025-03-04T13:04:31.183797
8164 / tcp
-98713449 | 2025-02-26T20:36:15.602473
8170 / tcp
-98713449 | 2025-02-26T02:46:06.593904
8172 / tcp
-2031469209 | 2025-02-24T11:38:02.674959
8173 / tcp
-2031469209 | 2025-03-15T12:33:14.181349
8176 / tcp
-98713449 | 2025-03-16T03:47:39.025721
8181 / tcp
134959762 | 2025-03-17T06:25:34.947496
8188 / tcp
-2031469209 | 2025-03-09T22:40:39.342641
8200 / tcp
-98713449 | 2025-03-17T07:25:42.199373
8237 / tcp
-98713449 | 2025-03-11T02:26:54.577322
8248 / tcp
-2031469209 | 2025-03-10T01:29:55.627637
8280 / tcp
-98713449 | 2025-03-05T17:54:08.255608
8282 / tcp
-98713449 | 2025-03-06T02:46:08.939923
8285 / tcp
-98713449 | 2025-03-17T04:01:59.342881
8291 / tcp
1191162421 | 2025-03-17T00:06:11.182692
8316 / tcp
-2031469209 | 2025-03-11T11:35:22.587420
8318 / tcp
-98713449 | 2025-03-04T22:10:58.582981
8333 / tcp
-98713449 | 2025-03-17T07:39:34.607722
8334 / tcp
-98713449 | 2025-03-17T03:12:54.867946
8408 / tcp
-98713449 | 2025-03-12T17:29:41.851648
8414 / tcp
-2031469209 | 2025-03-12T09:26:53.775224
8419 / tcp
-98713449 | 2025-03-12T02:53:01.371192
8423 / tcp
-98713449 | 2025-03-08T20:20:54.790142
8434 / tcp
-98713449 | 2025-03-14T05:41:49.155712
8443 / tcp
-1972664738 | 2025-03-17T10:33:04.775825
8450 / tcp
-2031469209 | 2025-02-22T14:38:03.296873
8451 / tcp
-2031469209 | 2025-03-06T06:03:32.276024
8463 / tcp
-2031469209 | 2025-03-12T12:47:07.463017
8475 / tcp
-98713449 | 2025-03-13T07:23:45.227930
8480 / tcp
-2031469209 | 2025-03-11T06:16:54.862785
8482 / tcp
-2031469209 | 2025-03-04T11:18:29.821598
8493 / tcp
-98713449 | 2025-02-25T08:38:31.923784
8494 / tcp
-2031469209 | 2025-03-08T18:46:11.241380
8500 / tcp
1094048410 | 2025-03-17T08:08:31.710188
8502 / tcp
-2031469209 | 2025-02-27T23:16:14.313706
8506 / tcp
-98713449 | 2025-03-11T09:12:17.964042
8520 / tcp
-2031469209 | 2025-02-25T05:51:18.209035
8529 / tcp
-2031469209 | 2025-02-26T02:04:57.899942
8530 / tcp
-2031469209 | 2025-02-28T06:35:08.089445
8543 / tcp
-2031469209 | 2025-03-09T19:45:54.098448
8545 / tcp
-1341732464 | 2025-03-17T07:51:38.773899
8554 / tcp
-98713449 | 2025-03-17T00:30:12.475415
8558 / tcp
-2031469209 | 2025-03-15T20:28:14.649279
8568 / tcp
-98713449 | 2025-03-13T04:16:50.566419
8575 / tcp
-2031469209 | 2025-03-16T21:43:27.014401
8577 / tcp
-98713449 | 2025-02-28T11:37:38.221819
8580 / tcp
-2031469209 | 2025-02-27T06:47:34.720930
8592 / tcp
-2031469209 | 2025-02-25T19:06:09.768787
8596 / tcp
-2031469209 | 2025-02-25T12:31:29.001035
8597 / tcp
-2031469209 | 2025-03-09T09:04:18.422901
8602 / tcp
-2031469209 | 2025-02-23T17:27:50.496252
8606 / tcp
-2031469209 | 2025-03-11T09:38:05.930198
8622 / tcp
-2031469209 | 2025-02-25T21:52:46.297100
8623 / tcp
-2031469209 | 2025-03-12T08:57:28.465930
8649 / tcp
-98713449 | 2025-03-16T06:26:30.977389
8663 / tcp
-2031469209 | 2025-02-24T21:01:01.430590
8686 / tcp
-1058385585 | 2025-03-04T12:38:56.985949
8724 / tcp
-98713449 | 2025-03-05T20:47:03.719462
8732 / tcp
-98713449 | 2025-03-13T16:59:23.395801
8767 / tcp
-2031469209 | 2025-03-04T08:28:13.524860
8779 / tcp
-2031469209 | 2025-02-23T21:23:41.137465
8788 / tcp
-2031469209 | 2025-02-27T06:49:03.919081
8800 / tcp
-98713449 | 2025-03-17T00:08:56.361997
8801 / tcp
-2031469209 | 2025-03-11T07:02:56.105920
8804 / tcp
-2031469209 | 2025-02-25T04:19:41.641929
8806 / tcp
-2031469209 | 2025-03-16T09:13:03.445400
8813 / tcp
-98713449 | 2025-03-10T04:43:47.393806
8827 / tcp
-2031469209 | 2025-02-26T09:51:33.951795
8832 / tcp
-98713449 | 2025-02-24T11:20:11.892149
8834 / tcp
1094048410 | 2025-03-16T16:54:06.264797
8843 / tcp
-98713449 | 2025-03-12T15:35:54.142145
8845 / tcp
-98713449 | 2025-03-12T23:03:22.721372
8847 / tcp
-2031469209 | 2025-02-27T15:23:45.816519
8853 / tcp
-98713449 | 2025-03-15T01:57:19.567228
8868 / tcp
-2031469209 | 2025-02-25T05:28:50.718207
8871 / tcp
-2031469209 | 2025-03-07T13:48:06.400657
8874 / tcp
-2031469209 | 2025-03-09T22:51:55.200929
8875 / tcp
-2031469209 | 2025-03-07T13:04:21.371953
8876 / tcp
-2031469209 | 2025-03-05T22:18:46.491998
8877 / tcp
-98713449 | 2025-03-17T04:46:30.513988
8879 / tcp
-2031469209 | 2025-03-15T21:37:31.148081
8880 / tcp
411540654 | 2025-03-17T04:45:31.702323
8884 / tcp
-98713449 | 2025-02-27T00:50:29.252418
8885 / tcp
-2031469209 | 2025-03-12T20:32:06.605600
8888 / tcp
1964001960 | 2025-03-17T07:07:26.990335
8889 / tcp
411540654 | 2025-03-17T01:02:25.005630
8899 / tcp
1094048410 | 2025-03-15T14:45:19.961468
8913 / tcp
-98713449 | 2025-02-23T18:39:41.005782
8915 / tcp
-98713449 | 2025-02-28T22:16:24.975569
8969 / tcp
-98713449 | 2025-03-16T22:26:22.612268
9000 / tcp
1347224596 | 2025-03-17T07:16:09.355899
9001 / tcp
1634741987 | 2025-03-17T00:40:58.974838
9002 / tcp
1094048410 | 2025-03-17T02:51:33.597976
9009 / tcp
-98713449 | 2025-03-17T03:12:31.423179
9012 / tcp
-2031469209 | 2025-03-05T12:29:24.411201
9013 / tcp
-2031469209 | 2025-02-25T14:51:06.764226
9020 / tcp
-98713449 | 2025-03-11T11:47:55.515666
9033 / tcp
-2031469209 | 2025-03-15T14:51:40.003381
9035 / tcp
-98713449 | 2025-03-14T18:39:30.310120
9042 / tcp
-2031469209 | 2025-03-17T06:22:54.482878
9045 / tcp
-2031469209 | 2025-03-12T12:58:19.979683
9047 / tcp
-2031469209 | 2025-03-09T14:57:17.149079
9048 / tcp
-98713449 | 2025-03-08T19:56:19.791536
9051 / tcp
-98713449 | 2025-03-17T01:50:18.638517
9052 / tcp
-2031469209 | 2025-03-17T07:38:23.342869
9053 / tcp
-98713449 | 2025-03-06T14:46:44.403897
9055 / tcp
-98713449 | 2025-03-15T09:31:15.374638
9058 / tcp
-2031469209 | 2025-02-27T07:40:47.336861
9065 / tcp
-98713449 | 2025-02-27T03:29:18.504495
9067 / tcp
-2031469209 | 2025-03-11T17:42:01.150479
9071 / tcp
-2031469209 | 2025-03-01T02:04:43.165419
9073 / tcp
-98713449 | 2025-03-16T18:59:24.747588
9074 / tcp
-2031469209 | 2025-03-16T08:30:50.308428
9079 / tcp
-2031469209 | 2025-03-05T09:13:17.437645
9080 / tcp
-2113003112 | 2025-03-17T06:39:18.190782
9082 / tcp
-2031469209 | 2025-03-12T18:29:40.762215
9083 / tcp
-98713449 | 2025-03-16T21:03:33.152696
9084 / tcp
-98713449 | 2025-03-16T09:16:03.104824
9090 / tcp
2005929508 | 2025-03-16T22:43:43.714692
9091 / tcp
411540654 | 2025-03-17T07:55:13.127095
9092 / tcp
-2031469209 | 2025-03-16T16:15:15.400655
9100 / tcp
-98713449 | 2025-03-16T23:50:53.075578
9101 / tcp
-98713449 | 2025-03-14T01:43:57.167688
9105 / tcp
-2031469209 | 2025-02-22T19:09:57.398064
9114 / tcp
-98713449 | 2025-03-13T03:30:57.770830
9130 / tcp
-98713449 | 2025-03-12T08:16:02.869196
9131 / tcp
-2031469209 | 2025-02-23T15:46:20.362545
9136 / tcp
-2031469209 | 2025-03-15T10:07:42.145085
9138 / tcp
-2031469209 | 2025-02-27T22:27:27.000800
9145 / tcp
-2031469209 | 2025-02-26T09:51:55.798605
9146 / tcp
-2031469209 | 2025-02-28T19:19:39.036766
9151 / tcp
-98713449 | 2025-03-17T07:02:30.178827
9160 / tcp
-98713449 | 2025-03-16T20:41:23.228666
9163 / tcp
-2031469209 | 2025-02-23T19:34:27.486114
9166 / tcp
-2031469209 | 2025-03-11T17:43:15.004190
9169 / tcp
-98713449 | 2025-02-22T18:28:49.281048
9178 / tcp
-98713449 | 2025-02-25T09:03:35.250200
9180 / tcp
-2031469209 | 2025-03-09T21:52:44.150246
9181 / tcp
-98713449 | 2025-02-24T07:06:41.062944
9186 / tcp
-98713449 | 2025-03-11T17:14:52.502401
9191 / tcp
521951111 | 2025-03-17T06:33:39.326424
9194 / tcp
-98713449 | 2025-02-23T22:29:06.719870
9196 / tcp
-98713449 | 2025-03-17T00:53:11.672309
9200 / tcp
1701962934 | 2025-03-17T00:11:20.844084
9208 / tcp
-2031469209 | 2025-03-07T18:10:38.348757
9215 / tcp
-2031469209 | 2025-03-09T17:22:30.473328
9216 / tcp
-2031469209 | 2025-02-28T22:44:12.081069
9248 / tcp
-98713449 | 2025-03-07T05:24:56.076421
9252 / tcp
-98713449 | 2025-03-13T12:25:27.013783
9291 / tcp
-98713449 | 2025-03-14T18:43:16.425345
9295 / tcp
-2031469209 | 2025-03-17T05:33:40.937254
9306 / tcp
1094048410 | 2025-03-17T07:26:37.269326
9308 / tcp
-2031469209 | 2025-02-27T22:16:11.348512
9309 / tcp
-2031469209 | 2025-03-12T23:06:59.748349
9315 / tcp
-98713449 | 2025-02-28T17:39:57.876951
9333 / tcp
-2031469209 | 2025-03-15T23:28:09.838933
9351 / tcp
-2031469209 | 2025-03-15T20:29:27.437416
9398 / tcp
1094048410 | 2025-03-12T05:07:39.482034
9418 / tcp
-2031469209 | 2025-03-16T17:35:21.349188
9443 / tcp
-1454941180 | 2025-03-17T02:21:17.778262
9465 / tcp
-2031469209 | 2025-02-24T22:30:08.265350
9480 / tcp
-98713449 | 2025-02-27T19:13:51.854405
9513 / tcp
-98713449 | 2025-03-14T14:11:01.896515
9530 / tcp
-98713449 | 2025-03-17T03:54:55.978540
9553 / tcp
-2031469209 | 2025-03-12T13:19:58.831574
9595 / tcp
-2031469209 | 2025-03-16T23:24:34.345575
9600 / tcp
-2031469209 | 2025-03-16T22:18:00.379799
9611 / tcp
-98713449 | 2025-03-04T21:13:20.114263
9682 / tcp
-2031469209 | 2025-02-24T04:22:38.435696
9761 / tcp
-98713449 | 2025-03-17T04:11:46.756800
9779 / tcp
-2031469209 | 2025-03-15T00:04:37.797936
9800 / tcp
-2031469209 | 2025-03-17T02:17:16.441338
9869 / tcp
-98713449 | 2025-03-16T21:02:42.125173
9876 / tcp
-2031469209 | 2025-03-14T10:04:04.134103
9898 / tcp
-1452656593 | 2025-03-16T17:34:27.712466
9916 / tcp
-2031469209 | 2025-03-07T16:51:22.486545
9918 / tcp
-2031469209 | 2025-03-14T12:08:27.714201
9930 / tcp
-98713449 | 2025-03-05T12:44:10.787881
9939 / tcp
-2031469209 | 2025-03-12T19:04:10.081217
9943 / tcp
1094048410 | 2025-03-17T03:50:55.494049
9944 / tcp
-2031469209 | 2025-03-16T22:36:56.717578
9981 / tcp
-2031469209 | 2025-03-16T17:40:52.601019
9988 / tcp
-2031469209 | 2025-02-25T18:39:20.578395
9993 / tcp
-2031469209 | 2025-03-14T14:01:49.217682
9998 / tcp
-2031469209 | 2025-03-17T05:13:42.302163
9999 / tcp
523246302 | 2025-03-17T04:40:53.163563
10000 / tcp
-100223683 | 2025-03-17T06:05:35.776985
10001 / tcp
-2031469209 | 2025-03-17T06:58:34.276681
10002 / tcp
-98713449 | 2025-03-16T15:25:49.451915
10003 / tcp
-2031469209 | 2025-02-25T10:24:49.025376
10008 / tcp
-98713449 | 2025-02-25T01:17:28.913207
10012 / tcp
-2031469209 | 2025-03-10T02:10:58.312466
10015 / tcp
-98713449 | 2025-03-13T18:49:00.221568
10017 / tcp
-2031469209 | 2025-02-24T14:07:53.446145
10019 / tcp
-2031469209 | 2025-02-23T10:06:35.696437
10027 / tcp
-98713449 | 2025-03-15T22:39:57.746585
10029 / tcp
-2031469209 | 2025-03-06T22:04:22.408859
10039 / tcp
-98713449 | 2025-02-26T00:13:44.822446
10043 / tcp
-98713449 | 2025-03-04T10:52:36.562734
10045 / tcp
-2031469209 | 2025-03-06T13:16:16.961858
10049 / tcp
-2031469209 | 2025-03-05T11:51:52.869304
10050 / tcp
1094048410 | 2025-03-12T11:51:52.406700
10051 / tcp
-98713449 | 2025-03-06T23:20:37.886398
10068 / tcp
-2031469209 | 2025-02-27T08:13:17.743959
10082 / tcp
-98713449 | 2025-03-05T08:22:46.876488
10083 / tcp
-2031469209 | 2025-03-14T03:16:18.200509
10086 / tcp
-98713449 | 2025-03-13T12:15:44.164772
10100 / tcp
-98713449 | 2025-03-11T00:07:35.903798
10180 / tcp
-98713449 | 2025-02-25T09:59:43.261704
10181 / tcp
-2031469209 | 2025-02-23T09:31:16.428571
10209 / tcp
-98713449 | 2025-03-12T18:15:12.495264
10210 / tcp
-2031469209 | 2025-03-04T19:55:04.301339
10243 / tcp
-2031469209 | 2025-03-16T23:56:24.027875
10250 / tcp
411540654 | 2025-03-17T02:39:40.815698
10348 / tcp
-98713449 | 2025-02-23T23:16:40.346763
10380 / tcp
-98713449 | 2025-03-12T19:24:50.975801
10390 / tcp
-2031469209 | 2025-03-13T22:34:19.907800
10443 / tcp
-1454941180 | 2025-03-16T22:34:33.722139
10554 / tcp
-98713449 | 2025-03-17T03:23:36.749112
10911 / tcp
-98713449 | 2025-03-10T06:18:40.825719
10933 / tcp
-2031469209 | 2025-02-24T11:39:13.199424
11000 / tcp
-2031469209 | 2025-03-17T01:06:58.240356
11075 / tcp
-2031469209 | 2025-03-13T14:52:52.101078
11082 / tcp
-2031469209 | 2025-03-06T09:58:24.432701
11112 / tcp
-2031469209 | 2025-03-17T03:53:07.133358
11210 / tcp
-2031469209 | 2025-03-17T03:09:22.586347
11211 / tcp
2034197593 | 2025-03-17T07:41:03.094647
11288 / tcp
-2031469209 | 2025-03-15T19:17:03.584979
11300 / tcp
-2031469209 | 2025-03-17T06:36:27.011239
11371 / tcp
-2031469209 | 2025-03-17T07:30:25.817429
11434 / tcp
-2031469209 | 2025-03-04T03:11:08.006350
11602 / tcp
-98713449 | 2025-03-16T22:26:25.227818
12000 / tcp
-2031469209 | 2025-03-16T17:24:52.889866
12001 / tcp
-2031469209 | 2025-02-24T00:16:27.712774
12103 / tcp
-98713449 | 2025-02-23T13:40:50.181738
12109 / tcp
-2031469209 | 2025-03-05T10:30:08.003586
12111 / tcp
-98713449 | 2025-02-23T00:24:53.886973
12113 / tcp
-2031469209 | 2025-03-13T18:52:50.442962
12115 / tcp
-2031469209 | 2025-03-05T08:33:10.717727
12118 / tcp
-98713449 | 2025-02-28T15:57:54.125360
12130 / tcp
-2031469209 | 2025-03-17T03:01:37.617819
12136 / tcp
-2031469209 | 2025-02-24T16:00:02.226684
12146 / tcp
-2031469209 | 2025-02-28T20:34:46.739743
12153 / tcp
-98713449 | 2025-03-12T12:52:14.001958
12170 / tcp
-98713449 | 2025-03-17T04:23:24.093596
12173 / tcp
-2031469209 | 2025-02-25T16:48:26.837240
12174 / tcp
-2031469209 | 2025-03-10T03:20:16.165976
12180 / tcp
-2031469209 | 2025-03-05T06:32:53.392044
12182 / tcp
-98713449 | 2025-03-16T23:55:09.671485
12194 / tcp
-98713449 | 2025-03-07T14:29:35.265656
12195 / tcp
-2031469209 | 2025-02-26T10:52:23.782881
12204 / tcp
-2031469209 | 2025-03-07T05:28:40.226221
12213 / tcp
-2031469209 | 2025-02-26T14:37:35.718642
12214 / tcp
-2031469209 | 2025-02-28T21:56:48.944765
12229 / tcp
-2031469209 | 2025-02-26T21:14:02.957952
12236 / tcp
-2031469209 | 2025-03-09T11:26:12.236675
12241 / tcp
-2031469209 | 2025-02-24T19:24:36.535453
12251 / tcp
-98713449 | 2025-03-12T00:33:53.245994
12257 / tcp
-2031469209 | 2025-03-09T22:10:34.808126
12258 / tcp
-98713449 | 2025-02-25T01:58:02.571210
12259 / tcp
-2031469209 | 2025-02-26T01:51:12.058711
12262 / tcp
-2031469209 | 2025-03-09T11:50:44.089285
12267 / tcp
-98713449 | 2025-03-15T20:19:10.334485
12269 / tcp
-98713449 | 2025-02-26T21:23:24.812887
12273 / tcp
-2031469209 | 2025-03-06T10:41:51.509974
12278 / tcp
-98713449 | 2025-02-25T18:35:54.128980
12291 / tcp
-98713449 | 2025-02-26T00:14:03.944022
12293 / tcp
-98713449 | 2025-03-12T01:55:32.232339
12295 / tcp
-98713449 | 2025-02-27T10:39:12.158330
12299 / tcp
-98713449 | 2025-03-05T12:41:28.964696
12306 / tcp
-98713449 | 2025-03-06T01:18:14.408402
12308 / tcp
-2031469209 | 2025-03-13T16:21:53.099694
12323 / tcp
-2057997640 | 2025-03-12T20:05:42.630016
12327 / tcp
-2031469209 | 2025-03-14T10:34:28.001082
12328 / tcp
-98713449 | 2025-03-15T22:06:24.291378
12340 / tcp
-2031469209 | 2025-03-05T20:21:16.525385
12344 / tcp
-2031469209 | 2025-02-23T02:54:37.960505
12351 / tcp
-2031469209 | 2025-03-12T10:39:54.828739
12354 / tcp
-98713449 | 2025-03-06T20:10:51.521289
12355 / tcp
-98713449 | 2025-02-24T04:20:41.800598
12357 / tcp
-2031469209 | 2025-02-24T21:46:43.142263
12362 / tcp
-2031469209 | 2025-03-09T23:26:41.309493
12376 / tcp
-2031469209 | 2025-03-10T07:00:03.553938
12386 / tcp
-2031469209 | 2025-02-24T19:28:25.456274
12390 / tcp
-2031469209 | 2025-03-17T07:43:53.466349
12393 / tcp
-2031469209 | 2025-03-07T17:18:10.534348
12394 / tcp
-98713449 | 2025-03-14T01:48:12.272343
12398 / tcp
-98713449 | 2025-03-12T21:42:15.448569
12403 / tcp
-2031469209 | 2025-02-26T20:33:48.905173
12404 / tcp
-2031469209 | 2025-02-26T01:32:07.607203
12406 / tcp
-2031469209 | 2025-03-09T16:42:20.266902
12408 / tcp
-2031469209 | 2025-03-12T11:17:04.420864
12426 / tcp
-2031469209 | 2025-03-16T21:44:24.635946
12430 / tcp
-2031469209 | 2025-03-15T10:49:02.919971
12433 / tcp
-98713449 | 2025-02-25T21:27:26.803484
12442 / tcp
-2031469209 | 2025-03-05T02:00:36.915668
12448 / tcp
-2031469209 | 2025-03-10T06:19:27.505389
12453 / tcp
-2031469209 | 2025-03-04T15:11:53.454480
12467 / tcp
-98713449 | 2025-03-06T02:24:13.506806
12470 / tcp
-98713449 | 2025-03-07T02:28:09.591912
12473 / tcp
-2031469209 | 2025-03-11T09:39:17.576212
12475 / tcp
-2031469209 | 2025-03-06T00:51:55.468776
12477 / tcp
-98713449 | 2025-03-10T10:47:32.257010
12490 / tcp
-98713449 | 2025-02-25T22:59:56.676716
12492 / tcp
-2031469209 | 2025-03-15T12:03:08.513682
12493 / tcp
-2031469209 | 2025-02-27T08:31:24.598623
12500 / tcp
-98713449 | 2025-03-04T06:37:38.129711
12507 / tcp
-2031469209 | 2025-03-14T17:43:28.063996
12514 / tcp
-2031469209 | 2025-03-15T18:31:41.657139
12521 / tcp
-2031469209 | 2025-03-04T12:45:41.014281
12525 / tcp
-98713449 | 2025-03-12T16:15:14.053090
12527 / tcp
-98713449 | 2025-03-13T15:37:58.322985
12554 / tcp
-2031469209 | 2025-03-11T12:30:27.743537
12563 / tcp
-2031469209 | 2025-03-14T06:22:22.053965
12568 / tcp
-2031469209 | 2025-02-23T05:41:36.356654
12571 / tcp
-98713449 | 2025-03-11T06:23:50.142460
12581 / tcp
-2031469209 | 2025-03-09T18:45:06.872522
12902 / tcp
-2031469209 | 2025-03-05T12:17:49.715359
12980 / tcp
-2031469209 | 2025-03-06T01:41:56.082142
13001 / tcp
-98713449 | 2025-03-11T19:36:18.917089
13047 / tcp
1094048410 | 2025-03-11T22:26:44.508852
13443 / tcp
-2031469209 | 2025-03-14T03:01:24.099059
13579 / tcp
-98713449 | 2025-03-17T07:44:28.477621
13780 / tcp
-98713449 | 2025-03-12T12:17:08.203664
14082 / tcp
-2031469209 | 2025-02-23T11:38:09.242175
14147 / tcp
-98713449 | 2025-03-17T03:01:36.063275
14265 / tcp
-98713449 | 2025-03-17T05:28:59.216600
14330 / tcp
-98713449 | 2025-02-27T05:53:28.244151
14401 / tcp
-98713449 | 2025-02-27T05:45:10.606687
14402 / tcp
-98713449 | 2025-03-14T02:42:35.864167
14873 / tcp
-2031469209 | 2025-02-28T15:20:10.905726
14905 / tcp
-98713449 | 2025-03-09T12:15:12.128008
15123 / tcp
-98713449 | 2025-02-25T01:59:42.254488
15443 / tcp
411540654 | 2025-03-14T04:28:33.429028
16008 / tcp
-2031469209 | 2025-02-25T17:10:23.639378
16010 / tcp
-2031469209 | 2025-03-15T13:39:15.308831
16011 / tcp
-2031469209 | 2025-03-07T03:13:05.841104
16019 / tcp
-98713449 | 2025-02-28T15:18:46.993100
16030 / tcp
-98713449 | 2025-02-28T10:00:54.516964
16034 / tcp
-98713449 | 2025-02-24T04:37:13.774166
16037 / tcp
-98713449 | 2025-03-12T15:59:49.827139
16043 / tcp
-2031469209 | 2025-03-14T00:00:50.930201
16046 / tcp
-98713449 | 2025-02-24T12:26:53.256731
16059 / tcp
-98713449 | 2025-03-16T03:51:06.819816
16071 / tcp
-98713449 | 2025-03-15T20:49:11.262977
16082 / tcp
-2031469209 | 2025-02-24T04:31:46.245410
16088 / tcp
-98713449 | 2025-03-14T05:32:19.840902
16093 / tcp
-2031469209 | 2025-02-25T01:11:56.595805
16102 / tcp
-98713449 | 2025-03-09T18:53:22.772912
16104 / tcp
-2031469209 | 2025-03-12T11:02:22.384318
16400 / tcp
-2031469209 | 2025-02-22T19:33:03.531734
16667 / tcp
-98713449 | 2025-03-10T08:09:58.323345
16992 / tcp
998037014 | 2025-03-17T03:47:20.388515
17000 / tcp
-2031469209 | 2025-03-17T04:35:24.896387
17082 / tcp
-2031469209 | 2025-02-25T15:32:00.245416
17184 / tcp
-2031469209 | 2025-02-23T06:26:39.734164
17773 / tcp
-98713449 | 2025-03-12T21:22:30.392069
17778 / tcp
-98713449 | 2025-03-05T17:24:52.959123
17780 / tcp
-2031469209 | 2025-02-28T01:39:07.376133
18001 / tcp
-2031469209 | 2025-03-10T22:36:40.576793
18005 / tcp
-98713449 | 2025-03-08T15:47:30.843087
18006 / tcp
-2031469209 | 2025-02-23T03:03:45.461245
18015 / tcp
-98713449 | 2025-02-28T21:01:37.369619
18027 / tcp
-98713449 | 2025-03-03T18:01:15.012432
18038 / tcp
-2031469209 | 2025-03-04T03:57:17.650013
18039 / tcp
-98713449 | 2025-03-10T22:42:57.309050
18042 / tcp
-2031469209 | 2025-02-28T17:39:00.375446
18049 / tcp
-2031469209 | 2025-03-05T21:28:17.496594
18053 / tcp
-2031469209 | 2025-03-12T03:42:53.581588
18055 / tcp
-98713449 | 2025-03-08T22:02:11.681108
18056 / tcp
-98713449 | 2025-03-09T17:25:33.876090
18067 / tcp
-2031469209 | 2025-03-12T16:53:52.693842
18075 / tcp
-98713449 | 2025-02-25T03:29:50.482475
18080 / tcp
-333141579 | 2025-03-11T20:22:35.399009
18081 / tcp
-912925847 | 2025-03-17T06:00:59.383303
18088 / tcp
-98713449 | 2025-03-16T20:24:35.257840
18090 / tcp
-98713449 | 2025-03-17T02:25:22.719870
18094 / tcp
-2031469209 | 2025-03-11T17:06:50.549873
18105 / tcp
-98713449 | 2025-03-03T18:49:21.041531
18239 / tcp
-98713449 | 2025-03-06T02:01:23.594590
18245 / tcp
-98713449 | 2025-03-17T06:00:44.910443
18264 / tcp
-2031469209 | 2025-02-23T11:03:44.795135
18443 / tcp
159303791 | 2025-03-15T09:27:16.576171
18553 / tcp
1094048410 | 2025-03-14T11:26:10.059027
18556 / tcp
-98713449 | 2025-02-27T21:14:57.762407
19000 / tcp
-98713449 | 2025-03-17T06:17:00.011935
19014 / tcp
-2031469209 | 2025-02-25T11:24:09.698053
19016 / tcp
-2031469209 | 2025-03-10T04:28:29.321204
19071 / tcp
-98713449 | 2025-03-17T07:17:39.321501
19091 / tcp
-2031469209 | 2025-03-12T03:27:25.842461
19930 / tcp
411540654 | 2025-03-14T09:42:50.174162
19999 / tcp
1440224878 | 2025-03-16T12:17:04.808586
20000 / tcp
-98713449 | 2025-03-16T22:04:01.312466
20010 / tcp
-2031469209 | 2025-02-25T19:39:14.606048
20082 / tcp
-98713449 | 2025-02-26T15:34:29.814736
20084 / tcp
-98713449 | 2025-03-16T03:40:27.206132
20100 / tcp
-98713449 | 2025-03-12T00:27:17.920217
20107 / tcp
-2031469209 | 2025-02-28T02:36:34.174004
20150 / tcp
-98713449 | 2025-02-26T01:07:35.280174
20256 / tcp
-98713449 | 2025-03-17T00:45:00.277410
20547 / tcp
-98713449 | 2025-03-17T00:09:08.792563
21025 / tcp
-2031469209 | 2025-03-17T03:29:46.011174
21232 / tcp
-2031469209 | 2025-03-15T17:24:23.787300
21235 / tcp
-98713449 | 2025-03-06T22:11:17.663783
21247 / tcp
-2031469209 | 2025-03-03T20:37:26.525066
21253 / tcp
-98713449 | 2025-03-09T12:14:53.522993
21256 / tcp
-98713449 | 2025-03-12T10:17:31.041178
21258 / tcp
-2031469209 | 2025-03-01T01:12:30.088707
21269 / tcp
-98713449 | 2025-03-11T19:40:39.861450
21277 / tcp
-2031469209 | 2025-02-24T08:30:17.165620
21288 / tcp
-2031469209 | 2025-03-06T06:46:27.227567
21289 / tcp
-2031469209 | 2025-03-09T13:57:25.898385
21295 / tcp
-2031469209 | 2025-02-28T06:47:12.328035
21307 / tcp
-98713449 | 2025-03-16T13:48:03.075686
21318 / tcp
-2031469209 | 2025-03-13T12:42:25.998443
21321 / tcp
-98713449 | 2025-03-12T22:06:35.800088
21324 / tcp
-98713449 | 2025-03-07T16:10:17.143302
21326 / tcp
-98713449 | 2025-02-25T22:44:24.446890
21357 / tcp
-2031469209 | 2025-02-28T13:30:12.628366
21379 / tcp
-98713449 | 2025-03-17T05:56:01.669119
22084 / tcp
-98713449 | 2025-03-12T17:49:50.285061
22403 / tcp
-98713449 | 2025-03-12T10:58:29.512219
22556 / tcp
-98713449 | 2025-02-25T23:58:25.670267
22609 / tcp
-98713449 | 2025-02-22T16:40:08.342434
22703 / tcp
-98713449 | 2025-03-14T17:35:20.684417
23023 / tcp
-98713449 | 2025-03-16T23:42:00.417666
23084 / tcp
-2031469209 | 2025-02-28T17:16:31.467964
23424 / tcp
-98713449 | 2025-03-17T01:29:50.173813
25001 / tcp
-98713449 | 2025-03-17T07:11:37.936465
25007 / tcp
-98713449 | 2025-03-09T22:57:10.760801
25082 / tcp
-2031469209 | 2025-03-11T14:36:42.910500
25105 / tcp
-98713449 | 2025-03-16T14:01:51.123409
25565 / tcp
-2031469209 | 2025-03-17T01:04:13.607513
26656 / tcp
1094048410 | 2025-03-13T05:29:35.014438
26657 / tcp
1094048410 | 2025-03-12T01:40:06.302525
27015 / tcp
-98713449 | 2025-03-17T06:01:07.381216
28015 / tcp
-98713449 | 2025-03-16T23:36:41.510429
28017 / tcp
-2031469209 | 2025-03-17T03:33:17.686686
28080 / tcp
411540654 | 2025-03-10T23:40:33.327422
29840 / tcp
-98713449 | 2025-03-12T21:37:46.038274
30001 / tcp
-2031469209 | 2025-03-16T16:58:02.620553
30002 / tcp
-98713449 | 2025-03-17T08:15:48.371531
30003 / tcp
-98713449 | 2025-03-17T07:15:49.337772
30022 / tcp
1094048410 | 2025-03-14T20:33:10.364374
30023 / tcp
-98713449 | 2025-03-03T22:32:22.903449
30083 / tcp
-98713449 | 2025-02-23T07:39:55.661979
30120 / tcp
-2031469209 | 2025-03-16T09:01:38.779712
30122 / tcp
411540654 | 2025-03-11T03:19:00.931084
30222 / tcp
411540654 | 2025-03-09T05:05:27.461930
30422 / tcp
411540654 | 2025-03-13T11:24:55.303347
30479 / tcp
-2031469209 | 2025-02-25T08:21:00.563076
30522 / tcp
411540654 | 2025-03-12T13:45:08.643713
30700 / tcp
-98713449 | 2025-02-24T07:27:56.731162
30722 / tcp
1094048410 | 2025-03-13T12:42:17.558663
30822 / tcp
411540654 | 2025-03-12T19:46:52.033385
30922 / tcp
1094048410 | 2025-03-12T08:30:32.667499
31022 / tcp
1094048410 | 2025-03-13T07:25:29.558899
31122 / tcp
1094048410 | 2025-03-09T12:23:53.756499
31222 / tcp
411540654 | 2025-03-13T03:42:18.489698
31322 / tcp
1094048410 | 2025-03-09T15:14:33.486168
31337 / tcp
1094048410 | 2025-03-17T02:34:00.273752
31380 / tcp
-98713449 | 2025-02-24T07:17:45.690074
31443 / tcp
411540654 | 2025-03-12T18:51:51.934588
31444 / tcp
-2031469209 | 2025-03-11T16:34:36.000159
31522 / tcp
411540654 | 2025-03-13T00:27:56.329188
31622 / tcp
1094048410 | 2025-03-12T22:24:57.191436
31722 / tcp
411540654 | 2025-03-12T20:42:04.564606
31922 / tcp
411540654 | 2025-03-11T05:11:10.261161
32022 / tcp
411540654 | 2025-03-12T04:23:26.882282
32122 / tcp
411540654 | 2025-03-09T20:20:30.390831
32322 / tcp
411540654 | 2025-03-16T14:07:43.657036
32400 / tcp
-2031469209 | 2025-03-17T03:19:09.803708
32422 / tcp
1094048410 | 2025-03-09T14:11:38.372849
32522 / tcp
1094048410 | 2025-03-08T15:25:00.950351
32622 / tcp
411540654 | 2025-03-11T18:51:54.359194
32746 / tcp
-98713449 | 2025-03-11T13:17:09.357744
32764 / tcp
-98713449 | 2025-03-17T02:27:36.736192
32800 / tcp
-98713449 | 2025-03-14T00:41:15.756287
32922 / tcp
411540654 | 2025-03-11T01:35:11.365312
33022 / tcp
411540654 | 2025-02-27T16:04:46.419013
33060 / tcp
-98713449 | 2025-03-17T04:13:25.492819
33122 / tcp
1094048410 | 2025-03-04T13:29:14.211944
33222 / tcp
1094048410 | 2025-03-09T18:37:44.409369
33322 / tcp
411540654 | 2025-02-23T16:43:17.197992
33422 / tcp
411540654 | 2025-03-09T08:25:36.813345
33522 / tcp
411540654 | 2025-02-26T14:50:49.218811
33622 / tcp
1094048410 | 2025-03-08T18:50:50.577306
33822 / tcp
1094048410 | 2025-03-08T12:01:33.531127
34422 / tcp
1094048410 | 2025-03-15T00:05:59.625296
34500 / tcp
-2031469209 | 2025-03-04T21:24:29.489218
34522 / tcp
411540654 | 2025-03-05T05:42:35.731420
34622 / tcp
411540654 | 2025-03-04T17:04:09.946094
34822 / tcp
1094048410 | 2025-03-03T21:23:43.425678
35000 / tcp
-98713449 | 2025-03-17T00:09:48.482640
35100 / tcp
-98713449 | 2025-03-04T05:31:38.805991
35241 / tcp
-2031469209 | 2025-03-13T22:24:42.740357
35322 / tcp
1094048410 | 2025-03-04T04:41:04.564168
35422 / tcp
411540654 | 2025-02-28T07:46:57.675607
35522 / tcp
411540654 | 2025-03-17T00:13:04.238212
35554 / tcp
-98713449 | 2025-02-23T15:51:39.613779
35560 / tcp
-98713449 | 2025-03-14T08:59:04.433927
35622 / tcp
411540654 | 2025-03-04T11:42:11.487586
35722 / tcp
411540654 | 2025-02-28T05:53:33.556387
36022 / tcp
1094048410 | 2025-02-27T04:39:38.942668
36122 / tcp
1094048410 | 2025-03-13T09:26:46.152198
36422 / tcp
1094048410 | 2025-03-15T07:46:19.190696
36522 / tcp
411540654 | 2025-02-28T19:53:26.392981
36622 / tcp
1094048410 | 2025-03-16T06:57:24.866619
36722 / tcp
411540654 | 2025-03-17T04:12:19.825885
36922 / tcp
411540654 | 2025-03-01T01:11:13.266214
36982 / tcp
-2031469209 | 2025-03-06T19:42:58.720114
37022 / tcp
1094048410 | 2025-03-16T18:43:32.682421
37080 / tcp
-2031469209 | 2025-03-17T01:55:17.564801
37122 / tcp
411540654 | 2025-03-16T22:25:53.010653
37222 / tcp
411540654 | 2025-03-14T18:50:37.405655
37322 / tcp
411540654 | 2025-03-16T10:37:10.861296
37422 / tcp
411540654 | 2025-03-15T11:23:56.240372
37443 / tcp
-98713449 | 2025-03-11T09:12:51.829767
37522 / tcp
1094048410 | 2025-03-16T08:56:34.423905
37622 / tcp
411540654 | 2025-03-16T01:19:07.805085
37722 / tcp
411540654 | 2025-03-15T23:35:57.965333
37777 / tcp
-2031469209 | 2025-03-16T23:11:49.807758
37822 / tcp
1094048410 | 2025-02-28T02:15:53.960183
37922 / tcp
1094048410 | 2025-02-28T00:31:06.183495
38022 / tcp
411540654 | 2025-02-27T13:04:52.006584
38122 / tcp
411540654 | 2025-03-15T18:04:51.294696
38222 / tcp
1094048410 | 2025-03-11T17:16:21.693871
38333 / tcp
411540654 | 2025-03-15T20:55:01.420558
38522 / tcp
1094048410 | 2025-03-13T23:27:51.602759
38622 / tcp
1094048410 | 2025-03-14T08:00:07.776168
38722 / tcp
411540654 | 2025-03-13T21:25:16.780996
38822 / tcp
1094048410 | 2025-03-12T15:23:49.846329
38922 / tcp
411540654 | 2025-03-13T14:27:30.388357
39022 / tcp
411540654 | 2025-03-13T19:49:50.163038
39122 / tcp
411540654 | 2025-03-13T18:06:20.918515
39222 / tcp
1094048410 | 2025-03-13T16:13:30.973524
39422 / tcp
411540654 | 2025-03-11T12:05:17.043854
39522 / tcp
1094048410 | 2025-03-11T08:33:25.321006
39622 / tcp
1094048410 | 2025-03-11T06:52:00.660257
39822 / tcp
1094048410 | 2025-03-12T05:05:24.284636
39922 / tcp
411540654 | 2025-02-26T16:34:14.285506
40000 / tcp
-2031469209 | 2025-03-04T13:04:56.534086
40001 / tcp
-98713449 | 2025-03-05T14:15:59.014535
40022 / tcp
411540654 | 2025-03-09T10:47:22.174267
40222 / tcp
1094048410 | 2025-03-04T11:28:18.157250
40322 / tcp
411540654 | 2025-03-08T20:43:05.590801
40622 / tcp
411540654 | 2025-02-26T11:25:22.171615
40722 / tcp
411540654 | 2025-03-08T13:43:07.566746
41022 / tcp
1094048410 | 2025-03-08T22:52:22.337694
41122 / tcp
411540654 | 2025-02-27T14:08:46.362702
41222 / tcp
411540654 | 2025-03-05T00:05:15.863991
41443 / tcp
411540654 | 2025-03-14T02:38:12.479318
41522 / tcp
411540654 | 2025-03-04T20:34:10.684594
41800 / tcp
-98713449 | 2025-03-17T05:52:28.465579
41822 / tcp
411540654 | 2025-03-07T17:04:43.691812
41922 / tcp
411540654 | 2025-03-07T15:21:25.520588
42022 / tcp
411540654 | 2025-03-04T15:20:11.762278
42222 / tcp
411540654 | 2025-03-04T22:19:14.399756
42422 / tcp
411540654 | 2025-03-04T18:50:00.071510
43222 / tcp
1094048410 | 2025-02-28T23:23:54.011131
43322 / tcp
411540654 | 2025-02-27T21:04:44.604089
43522 / tcp
411540654 | 2025-02-27T18:49:13.515189
43622 / tcp
1094048410 | 2025-02-26T23:26:53.765899
43722 / tcp
1094048410 | 2025-02-27T02:51:32.125253
43822 / tcp
411540654 | 2025-02-27T02:09:36.710871
44021 / tcp
-2031469209 | 2025-03-05T17:25:02.993361
44022 / tcp
1094048410 | 2025-02-27T07:20:03.864931
44122 / tcp
411540654 | 2025-02-26T21:44:25.491180
44158 / tcp
-2031469209 | 2025-03-16T23:52:15.571214
44302 / tcp
-98713449 | 2025-02-26T08:29:14.089348
44320 / tcp
-98713449 | 2025-02-28T15:32:25.601855
44322 / tcp
1094048410 | 2025-02-26T09:40:59.367231
44422 / tcp
1094048410 | 2025-02-26T07:59:02.039453
44522 / tcp
411540654 | 2025-02-26T07:44:01.646528
44622 / tcp
411540654 | 2025-02-23T03:01:01.079439
44922 / tcp
411540654 | 2025-02-26T02:54:56.203985
45000 / tcp
-2031469209 | 2025-03-17T02:54:47.133754
45111 / tcp
-2031469209 | 2025-03-14T15:57:46.408769
45122 / tcp
1094048410 | 2025-02-25T13:26:15.835854
45222 / tcp
1094048410 | 2025-02-25T18:34:39.722314
45322 / tcp
411540654 | 2025-02-25T16:58:25.015463
45333 / tcp
-98713449 | 2025-03-09T10:09:29.334641
45622 / tcp
1094048410 | 2025-02-25T13:46:53.563038
45677 / tcp
-2031469209 | 2025-03-16T09:14:00.414231
45822 / tcp
1094048410 | 2025-03-10T11:49:00.144531
45886 / tcp
-2031469209 | 2025-03-11T13:41:20.312035
45888 / tcp
-98713449 | 2025-03-14T09:35:40.754264
46001 / tcp
-98713449 | 2025-03-10T10:14:16.719779
46122 / tcp
1094048410 | 2025-02-25T05:09:01.117157
46222 / tcp
1094048410 | 2025-02-24T22:35:00.734595
46322 / tcp
1094048410 | 2025-02-24T20:32:31.339704
46422 / tcp
411540654 | 2025-02-24T08:22:40.153548
46522 / tcp
1094048410 | 2025-02-24T04:54:34.704328
46922 / tcp
411540654 | 2025-02-23T23:49:30.766199
47000 / tcp
-2031469209 | 2025-02-23T05:13:10.693435
47122 / tcp
411540654 | 2025-02-23T22:28:36.376143
47322 / tcp
1094048410 | 2025-02-25T04:43:20.228419
47422 / tcp
411540654 | 2025-02-25T00:29:01.984445
47522 / tcp
1094048410 | 2025-02-25T08:48:12.281555
47622 / tcp
1094048410 | 2025-02-25T01:42:53.935222
47722 / tcp
411540654 | 2025-03-10T10:04:58.538021
47822 / tcp
411540654 | 2025-03-10T08:21:55.785569
47922 / tcp
1094048410 | 2025-03-10T09:21:49.460332
47990 / tcp
411540654 | 2025-03-16T23:54:56.090955
48002 / tcp
-2031469209 | 2025-03-16T23:15:28.156363
48018 / tcp
-98713449 | 2025-02-26T10:13:13.887720
48222 / tcp
1094048410 | 2025-03-10T04:16:35.366962
48422 / tcp
411540654 | 2025-03-09T23:49:10.244871
48522 / tcp
411540654 | 2025-03-09T22:00:37.299978
48622 / tcp
411540654 | 2025-02-24T18:41:27.977294
48722 / tcp
1094048410 | 2025-02-24T15:11:55.076214
48822 / tcp
411540654 | 2025-02-24T18:31:06.346900
48922 / tcp
1094048410 | 2025-02-24T13:29:18.044058
49022 / tcp
1094048410 | 2025-03-07T14:06:20.192726
49080 / tcp
-98713449 | 2025-03-17T03:37:29.841004
49152 / tcp
-98713449 | 2025-03-17T03:07:24.386189
49222 / tcp
1094048410 | 2025-02-22T23:51:05.476639
49422 / tcp
1094048410 | 2025-02-23T01:06:13.070563
49922 / tcp
1094048410 | 2025-02-22T18:06:08.784151
50000 / tcp
-2031469209 | 2025-03-17T04:12:58.471646
50002 / tcp
-2031469209 | 2025-03-07T05:32:03.750670
50007 / tcp
-2031469209 | 2025-03-12T13:22:34.242058
50008 / tcp
-2031469209 | 2025-03-14T00:45:51.196907
50050 / tcp
-2031469209 | 2025-03-16T13:07:14.852005
50070 / tcp
-1843295204 | 2025-03-17T02:23:05.001046
50100 / tcp
-2031469209 | 2025-03-17T06:42:06.035251
50105 / tcp
-2031469209 | 2025-03-13T16:33:47.617934
51004 / tcp
-2031469209 | 2025-03-06T20:44:28.153975
51106 / tcp
-98713449 | 2025-03-17T05:16:42.403623
51235 / tcp
-98713449 | 2025-03-17T02:48:33.298208
51443 / tcp
411540654 | 2025-03-12T00:10:50.576106
52311 / tcp
-2031469209 | 2025-03-17T02:12:02.975816
52869 / tcp
-98713449 | 2025-03-17T06:18:58.548937
52881 / tcp
-98713449 | 2025-02-22T18:35:08.610838
53400 / tcp
-98713449 | 2025-03-14T14:57:18.251456
53413 / udp
-1959516545 | 2025-03-14T16:37:20.928477
53480 / tcp
-98713449 | 2025-03-14T18:47:21.603940
53490 / tcp
-2031469209 | 2025-03-12T03:56:05.984620
54138 / tcp
-98713449 | 2025-03-17T06:42:15.945088
55000 / tcp
-2031469209 | 2025-03-17T05:55:22.712989
55022 / tcp
411540654 | 2025-03-07T03:20:28.841327
55422 / tcp
411540654 | 2025-03-06T17:57:05.142081
55442 / tcp
-2031469209 | 2025-03-16T23:43:11.160588
55443 / tcp
411540654 | 2025-03-16T23:23:19.944541
55470 / tcp
-2031469209 | 2025-03-04T14:19:56.371107
55490 / tcp
-2031469209 | 2025-03-07T15:35:02.489208
55522 / tcp
1094048410 | 2025-03-06T22:16:07.149362
55553 / tcp
1094048410 | 2025-03-17T01:37:00.216442
55554 / tcp
-2031469209 | 2025-03-17T02:19:51.780743
55622 / tcp
411540654 | 2025-03-06T15:24:23.416301
55722 / tcp
1094048410 | 2025-03-06T18:49:26.916672
55822 / tcp
1094048410 | 2025-03-06T22:43:45.352572
57022 / tcp
1094048410 | 2025-03-06T13:45:09.304746
57522 / tcp
1094048410 | 2025-03-06T13:22:59.174141
57622 / tcp
411540654 | 2025-03-06T10:09:04.264089
57722 / tcp
1094048410 | 2025-03-06T08:04:03.870778
57822 / tcp
1094048410 | 2025-03-06T06:06:43.433772
57922 / tcp
1094048410 | 2025-03-06T03:49:52.980375
58322 / tcp
1094048410 | 2025-03-05T22:55:31.398232
58378 / tcp
-2031469209 | 2025-02-26T09:23:21.870026
58392 / tcp
-2031469209 | 2025-03-10T04:22:15.756573
58422 / tcp
411540654 | 2025-03-05T20:51:18.501507
58522 / tcp
1094048410 | 2025-03-05T19:08:46.989631
58822 / tcp
1094048410 | 2025-03-05T16:32:06.531288
58922 / tcp
1094048410 | 2025-03-05T13:59:27.268378
59122 / tcp
1094048410 | 2025-03-05T10:56:41.945236
59222 / tcp
1094048410 | 2025-03-05T09:04:08.387244
59322 / tcp
411540654 | 2025-03-05T07:03:40.659184
59522 / tcp
1094048410 | 2025-03-03T17:56:40.197086
60001 / tcp
-2031469209 | 2025-03-17T03:49:15.152998
60010 / tcp
-2031469209 | 2025-02-22T18:53:53.065014
60030 / tcp
-98713449 | 2025-03-15T03:08:57.854683
60099 / tcp
-98713449 | 2025-03-17T07:58:54.483907
60102 / tcp
-2031469209 | 2025-02-27T07:15:21.880276
61613 / tcp
-98713449 | 2025-03-17T02:28:09.665827
61616 / tcp
-98713449 | 2025-03-17T00:31:19.581270
61617 / tcp
-98713449 | 2025-03-16T19:57:00.484040
62078 / tcp
-98713449 | 2025-03-16T19:56:28.725527
63210 / tcp
-2031469209 | 2025-03-16T12:59:33.028733
63256 / tcp
-98713449 | 2025-03-16T17:12:16.308155
63257 / tcp
411540654 | 2025-03-11T13:52:21.388259
63260 / tcp
1094048410 | 2025-03-11T20:38:37.717179



Products
Pricing
Contact Us

Shodan ® - All rights reserved