32 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 8 views

Astra Linux - vulnerability in apache2

Some mod_proxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...

9.8 CVSS, 6.8 AI score, 0.67011 EPSS
Exploits 5, References 2
Tenable Nessus
added 2026/05/11 12:0 a.m., 5 views

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017567 advisory. A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion i...

7.5 CVSS, 7 AI score, 0.1746 EPSS
Exploits 0, References 4
OSV
added 2026/04/21 12:4 a.m., 2 views

JLSEC-2026-162

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

7.5 CVSS, 5.7 AI score, 0.1746 EPSS
Exploits 0, References 14
Tenable Nessus
added 2025/08/15 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2023-25690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modprox...

9.8 CVSS, 6.8 AI score, 0.67011 EPSS
Exploits 5, References 2
Packet Storm
added 2024/01/02 12:0 a.m., 9719 views

Apache 2.4.55 mod_proxy HTTP Request Smuggling

Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

9.8 CVSS, 7.4 AI score, 0.67011 EPSS
Exploits 5
0day.today
added 2023/12/04 12:0 a.m., 356 views

GaatiTrack Courier Management System 1.0 SQL Injection Vulnerability

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php Version: v1.0 Teste...

9.8 CVSS, 7.4 AI score, 0.00177 EPSS
Exploits 3
Packet Storm
added 2023/12/04 12:0 a.m., 308 views

GaatiTrack Courier Management System 1.0 SQL Injection

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Date: 13/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php...

7.4 AI score, 0.00177 EPSS
Exploits 3
Packet Storm
added 2023/11/20 12:0 a.m., 633 views

Jorani Leave Management System 1.0.2 Host Header Injection

Exploit Title: Jorani Leave Management System v1.0.2 Host Header Attack Date: 12/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://jorani.org/ Software Link: https://github.com/bbalet/jorani/releases/download/v1.0.2/jorani-1.0.2.zip Version: v1.0.2 Tested...

7.5 AI score, 0.00191 EPSS
Exploits 3
CBLMariner
added 2023/11/08 2:7 a.m., 30 views

CVE-2023-45802 affecting package httpd for versions less than 2.4.58-1

CVE-2023-45802 affecting package httpd for versions less than 2.4.58-1. An upgraded version of the package is available that resolves this issue...

5.9 CVSS, 6.9 AI score, 0.02793 EPSS
Exploits 1
CBLMariner
added 2023/11/08 2:7 a.m., 14 views

CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1

CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1. An upgraded version of the package is available that resolves this issue...

7.5 CVSS, 7.7 AI score, 0.59544 EPSS
Exploits 0
OSV
added 2023/10/23 7:15 a.m., 1 views

AZL-31610 CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

7.5 CVSS, 7 AI score, 0.59544 EPSS
Exploits 0, References 1
Gentoo Linux
added 2023/09/08 12:0 a.m., 115 views

Apache HTTPD: Multiple Vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

9.8 CVSS, 9.5 AI score, 0.67011 EPSS
Exploits 5
Packet Storm
added 2023/07/05 12:0 a.m., 239 views

Beauty Salon Management System 1.0 SQL Injection

Exploit Title: Beauty Salon Management System v1.0 - SQLi Date of found: 04/07/2023 Exploit Author: Fatih Nacar Version: V1.0 Tested on: Windows 10 Vendor Homepage: https://www.campcodes.com Software Link: https://www.campcodes.com/projects/beauty-salon-management-system-in-php-and-mysqli/ CWE:...

7.1 AI score
Exploits 0
Tenable Nessus
added 2023/04/06 12:0 a.m., 82 views

RHEL 8 : httpd:2.4 (RHSA-2023:1673)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1673 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...

9.8 CVSS, 7 AI score, 0.67011 EPSS
Exploits 5, References 4
Tenable Product Security Advisories
added 2023/03/28 3:10 p.m., 12 views

[R1] Stand-alone Security Patches Available for Tenable.sc versions 5.22.0, 5.23.1, and 6.0.0: SC-202303.2

R1 Stand-alone Security Patches Available for Tenable.sc versions 5.22.0, 5.23.1, and 6.0.0: SC-202303.2 Arnie Cabral Tue, 03/28/2023 - 11:10 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components in use Apache was found to contain...

7.1 AI score
Exploits 0
CBLMariner
added 2023/03/24 11:56 p.m., 23 views

CVE-2023-27522 affecting package httpd for versions less than 2.4.56-1

CVE-2023-27522 affecting package httpd for versions less than 2.4.56-1. An upgraded version of the package is available that resolves this issue...

7.5 CVSS, 9 AI score, 0.00667 EPSS
Exploits 0
Tenable Nessus
added 2023/03/22 12:0 a.m., 87 views

Amazon Linux 2 : httpd (ALAS-2023-1989)

The version of httpd installed on the remote host is prior to 2.4.56-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1989 advisory. Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack...

9.8 CVSS, 7.1 AI score, 0.67011 EPSS
Exploits 5, References 6
Amazon
added 2023/03/20 12:0 a.m., 118 views

Important: httpd24

Issue Overview: A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE-2006-20001 Inconsistent...

9.8 CVSS, 7 AI score, 0.67011 EPSS
Exploits 5
OSV
added 2023/03/17 11:5 a.m., 5 views

OESA-2023-1161 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can...

9.8 CVSS, 9.2 AI score, 0.67011 EPSS
Exploits 5, References 3
ALT Linux
added 2023/03/17 12:0 a.m., 70 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.56-alt1

1:2.4.56-alt1 built March 17, 2023 Anton Farygin in task 316447 March 9, 2023 Anton Farygin - 2.4.56 Fixes: CVE-2023-25690, CVE-2023-27522...

8.8 AI score, 0.67011 EPSS
Exploits 5