Max CVSS | 6.4 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-1547 | 1.9 |
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those case
|
21-06-2024 - 19:15 | 10-09-2019 - 17:15 | |
CVE-2020-1927 | 5.8 |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
|
25-07-2022 - 18:15 | 02-04-2020 - 00:15 | |
CVE-2019-10082 | 6.4 |
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
|
25-07-2022 - 18:15 | 26-09-2019 - 16:15 | |
CVE-2019-10092 | 4.3 |
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only
|
09-09-2021 - 01:05 | 26-09-2019 - 16:15 | |
CVE-2019-1563 | 4.3 |
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decryp
|
31-07-2021 - 08:15 | 10-09-2019 - 17:15 | |
CVE-2019-10097 | 6.0 |
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulner
|
07-07-2021 - 19:01 | 26-09-2019 - 16:15 | |
CVE-2019-10098 | 5.8 |
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
|
14-06-2021 - 18:15 | 25-09-2019 - 17:15 | |
CVE-2019-10081 | 5.0 |
HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header value
|
06-06-2021 - 11:15 | 15-08-2019 - 22:15 | |
CVE-2019-1549 | 5.0 |
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this pro
|
20-10-2020 - 22:15 | 10-09-2019 - 17:15 |