| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2765 | 5.0 |
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header
|
16-11-2020 - 20:47 | 15-07-2013 - 15:55 | |
| CVE-2007-1359 | 6.8 |
Interpretation conflict in ModSecurity (mod_security) 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ (0x00) byte, which mod_security treats as a terminator eve
|
29-07-2017 - 01:30 | 08-03-2007 - 22:19 | |
| CVE-2004-1765 | 7.5 |
Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2003-1171 | 7.5 |
Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data.
|
11-07-2017 - 01:29 | 31-12-2003 - 05:00 |