104 matches found
SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2026:2104-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2104-1 advisory. This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on...
Security update for apache2
This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...
Important: mod_http2
Issue Overview: Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. CVE-2026-23918 Affected Packages: modhttp2 Issue Correction: Run dnf...
cve-2026-poc-collection
CVE-2026 PoC Collection Report Collection date: May 19, 2...
apache2-2.4.67-1.1 on GA media (moderate)
apache2-2.4.67-1.1 on GA media Announcement ID: openSUSE-SU-2026:10785-1 Rating: moderate Cross-References: CVE-2026-23918 CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059 CVSS scores:...
Photon OS 4.0: Httpd PHSA-2026-4.0-1014
An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1014. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Httpd PHSA-2026-5.0-0848
An update of the httpd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0848. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Exploit for Double Free in Apache Http_Server
CVE-2026-23918 "Apache HTTP/2 Double-Free" — Detection & Respo...
USN-8239-1 apache2 vulnerabilities
Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...
Exploit for Double Free in Apache Http_Server
Watch for the double-free in real-ti...
Exploit for Double Free in Apache Http_Server
CVE-2026-23918-Apache-H2-PoC This is a proof-of-concept explo...
Exploit for Double Free in Apache Http_Server
CVE-2026-23918 CVE-2026-23918: Apache HTTP/2 Double...
Debian dsa-6248 : apache2 - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6248 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6248-1 [email protected]...
Exploit for Double Free in Apache Http_Server
Apache HTTP Server: http2: Double Free and possible RCE on e...
Linux Distros Unpatched Vulnerability : CVE-2026-23918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended ...
CVE-2026-23918
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
CVE-2026-23918
creationtimestamp| type| source ---|---|--- 2026-05-04 16:22:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml23ey76qf2z 2026-05-04 17:18:52+00:00| seen| https://infosec.exchange/users/harrysintonen/statuses/116517446102524326 2026-05-04 17:48:44+00:00| seen|...
CVE-2026-23918
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
www/apache24 -- Multiple vulnerabilities
The Apache httpd project reports: modproxyajp: CVE-2026-34059, CVE-2026-34032, CVE-2026-33857, CVE-2026-28780 multiple modules: CVE-2026-33523 modauthnsocache: CVE-2026-33007 modauthdigest: CVE-2026-33006 moddavlock: moddavlock modmd: CVE-2026-29168 modrewrite: CVE-2026-24072 modhttp2:...
MiracleLinux 8 : nodejs:18 (AXSA:2023-5259:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5259:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability...