
27 matches found

RedHat Linux
added 2026/06/22 3:18 p.m. | 8 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP4 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.5 | EPSS 0.11471
Exploits: 8 | References: 12

Tenable Nessus
added 2026/05/30 12:0 a.m. | 25 views

RockyLinux 9 : httpd (RLSA-2026:21391)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21391 advisory. httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data (CVE-2026-34059); httpd: mod_proxy_ajp: heap-based buffer over-read due...

CVSS 9.8 | AI score 6.4 | EPSS 0.01325
Exploits: 0 | References: 11

Tenable Nessus
added 2026/05/29 12:0 a.m. | 17 views

SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2026:2104-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2104-1 advisory. This update for apache2 fixes the following issues: CVE-2026-23918: http2: double free and possible RCE on...

CVSS 9.8 | AI score 7.7 | EPSS 0.4581
Exploits: 18 | References: 34

SUSE Linux
added 2026/05/28 2:3 p.m. | 10 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2026-23918: http2: double free and possible RCE on early reset (bsc#1263957). CVE-2026-24072: mod_rewrite elevation of privileges via ap_expr (bsc#1263935). CVE-2026-28780: heap buffer overflow in mod_proxy_ajp via ajp_msg_check_header (bsc#1264163)...

CVSS 9.2 | AI score 6.2 | EPSS 0.4581
Exploits: 18 | References: 44

CBLMariner
added 2026/05/18 8:36 p.m. | 20 views

CVE-2026-33007 affecting package httpd for versions less than 2.4.67-1

CVE-2026-33007 affecting package httpd for versions less than 2.4.67-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.3 | AI score 5.8 | EPSS 0.00514
Exploits: 0

OPENSUSE Linux
added 2026/05/17 12:0 a.m. | 15 views

apache2-2.4.67-1.1 on GA media (moderate)

apache2-2.4.67-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10785-1
Rating: moderate
Cross-References: CVE-2026-23918 CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059
CVSS scores:...

CVSS 9.2 | AI score 6 | EPSS 0.4581
Exploits: 18

Debian
added 2026/05/08 9:12 a.m. | 10 views

[SECURITY] [DLA 4571-1] apache2 security update

Debian LTS Advisory DLA-4571-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 08, 2026 https://wiki.debian.org/LTS ...

CVSS 8.8 | AI score 6.2 | EPSS 0.00654
Exploits: 2

Tenable Nessus
added 2026/05/06 12:0 a.m. | 11 views

Debian dsa-6248 : apache2 - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6248 advisory. Debian Security Advisory DSA-6248-1 [email protected]...

CVSS 9.8 | AI score 6.2 | EPSS 0.4581
Exploits: 18 | References: 25

OSV
added 2026/05/05 5:19 p.m. | 6 views

BELL-CVE-2026-33007

Bulletin has no description...

CVSS 5.3 | AI score 5.7 | EPSS 0.00514
Exploits: 0 | References: 1

OSV
added 2026/05/05 12:0 a.m. | 4 views

UBUNTU-CVE-2026-33007

A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

CVSS 5.3 | AI score 5.8 | EPSS 0.00514
Exploits: 0 | References: 3

UbuntuCve
added 2026/05/05 12:0 a.m. | 5 views

CVE-2026-33007

A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

CVSS 5.3 | AI score 5.8 | EPSS 0.00514
Exploits: 0 | References: 2

Circl
added 2026/05/04 5:51 p.m. | 7 views

CVE-2026-33007

creationtimestamp | type | source
---|---|---
2026-05-04 17:51:15+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3ml2adulsub22
2026-05-05 00:01:51+00:00 | seen | https://bsky.app/profile/slackers.it/post/3ml2v2k2mxj2q
2026-05-05 14:35:37+00:00 | seen | ...

CVSS 5.3 | AI score 5.8 | EPSS 0.00514
Exploits: 0 | References: 6

FreeBSD
added 2026/05/04 12:0 a.m. | 42 views

www/apache24 -- Multiple vulnerabilities

The Apache httpd project reports: mod_proxy_ajp: CVE-2026-34059, CVE-2026-34032, CVE-2026-33857, CVE-2026-28780; multiple modules: CVE-2026-33523; mod_authn_socache: CVE-2026-33007; mod_auth_digest: CVE-2026-33006; mod_dav_lock: mod_dav_lock; mod_md: CVE-2026-29168; mod_rewrite: CVE-2026-24072; mod_http2:...

CVSS 9.8 | AI score 5.8 | EPSS 0.4581
Exploits: 18 | References: 1

RedhatCVE
added 2026/01/09 11:26 a.m. | 9 views

CVE-2021-33007

A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 7.8 | EPSS 0.01068
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:0 p.m. | 8 views

CVE-2022-33007

TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main...

CVSS 8.8 | AI score 8 | EPSS 0.00809
Exploits: 1 | References: 1

Cvelist
added 2024/05/14 3:44 a.m. | 11 views

CVE-2024-33007 Client-side script execution vulnerability in SAP UI5(PDFViewer)

PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript or any harmful client-side script, the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential securi...

CVSS 3.5 | AI score 4.6 | EPSS 0.00341
Exploits: 0 | References: 2

Vulnrichment
added 2024/05/14 3:44 a.m. | 12 views

CVE-2024-33007 Client-side script execution vulnerability in SAP UI5(PDFViewer)

PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript or any harmful client-side script, the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential securi...

CVSS 3.5 | AI score 7.1 | EPSS 0.00341
Exploits: 0 | References: 2

OSV
added 2023/05/16 5:15 p.m. | 3 views

CVE-2023-33007

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 5.4 | AI score 6 | EPSS 0.00456
Exploits: 0 | References: 1

Cvelist
added 2023/05/16 4:0 p.m. | 22 views

CVE-2023-33007

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

AI score 5.5 | EPSS 0.00456
Exploits: 0 | References: 1

CVE
added 2023/05/16 4:0 p.m. | 62 views

CVE-2023-33007

CVE-2023-33007 concerns the Jenkins LoadComplete support Plugin (version 1.0 and earlier). The vulnerability arises from not escaping the LoadComplete test name in the plugin’s UI, creating a stored XSS condition that is exploitable by attackers who have Item/Configure permission. Public referenc...

CVSS 5.4 | AI score 5.2 | EPSS 0.00456
Exploits: 0 | References: 1 | Affected Software: 1