HIGH8.6CVE-2024-1019WAF bypass of the ModSecurity v3 release line from 0
HIGH7.5CVE-2026-42268ModSecurity: Unsigned integer underflow in @verifySSN / @verifyCPF / @verifySVNR operators from 0
HIGH7.5CVE-2026-30923libModSecurity3 denial of service via segfault when using t:hexDecode on single-character query strings from 0
HIGH7.5Libmodsecurity3 has possible bypass of encoded HTML entities
from 0, < 3.0.14-1
HIGH7.5Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.
from 0
HIGH7.5Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs c…
from 0, < 3.0.9-1
HIGH7.5modsecurity-apache - security update
from 0
HIGH7.5modsecurity-apache - security update
from 0
HIGH7.5modsecurity - security update
from 0, < 3.0.3-1+deb10u2
HIGH7.5modsecurity - security update
from 0, < 3.0.4-2
HIGH7.5Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to…
from 0, < 3.0.4-1
MEDIUM5.3ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process c…
from 0, < 3.0.4-1