28 matches found
Security Bulletin: Multiple vulnerabilities within IBM HTTP Server, affect IBM Tivoli Monitoring.
Summary Multiple vulnerabilities within IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server have been addressed. Vulnerability Details CVEID:CVE-2025-66200 DESCRIPTION: moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users...
EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2026-1556)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1430)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1338)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2026-1609)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1242)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP3 (RHSA-2026:2994)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2994 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
[SECURITY] [DLA 4452-1] apache2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4452-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès January 24, 2026 https://wiki.debian.org/LTS -...
Debian dla-4452 : apache2 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4452 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4452-1 [email protected]...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-65082)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65082 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-65082)
The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65082 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP...
Ubuntu: Security Advisory (USN-7968-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MiracleLinux 9 : httpd-2.4.62-7.el9_7.3 (AXSA:2025-11631:11)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11631:11 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride...
Important: httpd
Issue Overview: An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache...
Alibaba Cloud Linux 3 : 0197: httpd:2.4 (ALINUX3-SA-2025:0197)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0197 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-55753: An integer overflow in the...
Fedora: Security Advisory (FEDORA-2025-f7c75ffee2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : httpd:2.4 (ELSA-2025-23732)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23732 advisory. - Resolves: RHEL-135054 - httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 - Resolves: RHEL-135039 - http...
RockyLinux 9 : httpd (RLSA-2025:23919)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23919 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileIn...
CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1
CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...
RHEL 10 : httpd (RHSA-2025:23932)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23932 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...