Filters

Versions

3.0.0
8
2.0.0
1
3.0.3
1
3.0.4
1
3.0.5
1

Trustwave ModSecurityWAF bypass of the ModSecurity v3 release line

high
8.6
First published (updated )
CVE-2024-1019

Trustwave ModSecurityTrustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.

high
7.5
EPSS
0.05%
First published (updated )
CVE-2023-38285

Trustwave ModSecurityTrustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and …

high
7.5
First published (updated )
CVE-2023-28882

ubuntu/modsecurity-apacheIn ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed an…

high
7.5
First published (updated )
CVE-2022-48279

ubuntu/modsecurity-apacheIncorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Appli…

high
7.5
First published (updated )
CVE-2023-24021

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ubuntu/modsecurity-apacheModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with …

high
7.5
First published (updated )
CVE-2021-42717

Trustwave ModSecurityModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index o…

medium
5.3
First published (updated )
CVE-2019-25043

debian/modsecurityModSecurity v3.0.x is affected by a Denial of Service vulnerability due to the global matching of re…

high
7.5
First published (updated )
CVE-2020-15598

Fedoraproject FedoraTrustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when…

high
7.5
First published (updated )
CVE-2019-19886

Trustwave ModSecurityXSS

medium
6.1
First published (updated )
CVE-2018-13065

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Debian Debian Linuxapache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using c…

medium
5
First published (updated )
CVE-2013-5705

openSUSE openSUSENull Pointer Dereference

medium
5
First published (updated )
CVE-2013-2765

openSUSE openSUSEXEE

high
7.5
First published (updated )
CVE-2013-1915

openSUSE openSUSEThe mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass r…

medium
5
First published (updated )
CVE-2012-4528

openSUSE openSUSEXSS

medium
4.3
First published (updated )
CVE-2012-2751

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

openSUSE openSUSEXSS

medium
4.3
First published (updated )
CVE-2009-5031

Fedoraproject FedoraNull Pointer Dereference

medium
5
First published (updated )
CVE-2009-1902

Fedoraproject FedoraXSS

medium
4.3
First published (updated )
CVE-2009-1903

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203