ROOT-OS-DEBIAN-12-CVE-2025-38474 CVE-2025-38474 in rootio-linux - Patched by Root

Root has patched CVE-2025-38474 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2025-38474 CVE-2025-38474 in rootio-linux - Patched by Root

Root has patched CVE-2025-38474 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-38474 CVE-2025-38474 in rootio-linux - Patched by Root

Root has patched CVE-2025-38474 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

MiracleLinux 8 : httpd:2.4 (AXSA:2024-8622:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8622:01 advisory. httpd: Encoding problem in modproxy CVE-2024-38473 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: Improper escaping of outpu...

Oracle Linux 7 : httpd (ELSA-2026-0075)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0075 advisory. - Fix CVE-2025-58098 Orabug: 38816066 - Fixed security update CVE-2024-47252 CVE-2025-49812 Orabug: 38378160 - Differentiate trusted sources Orabug:...

CLSA-2025-1760711358 Fix CVE(s): CVE-2024-38474, CVE-2024-38475

SECURITY UPDATE: modrewrite proxy handler substitution and prefixstat vulnerabilities - debian/patches/CVE-2024-38474-38475-.patch: tighten up prefixstat and %3f handling, add better question mark tracking to avoid UnsafeAllow3F - CVE-2024-38474, CVE-2024-38475...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-109 (ALASKERNEL-5.4-2025-109)

The version of kernel installed on the remote host is prior to 5.4.298-218.429. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-109 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check...

Linux Distros Unpatched Vulnerability : CVE-2025-38474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoin...

Ubuntu: Security Advisory (USN-6885-6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6885-6 apache2 regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

CVE-2025-38474

In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission...

CVE-2025-38474

CVE-2025-38474 affects the Linux kernel USB Sierra network driver. The issue arises from not verifying that the driver’s third USB endpoint is an interrupt input, since the code only checked for three endpoints and bulk in/out. The fix “rectifies the omission” by validating the endpoint type. Ups...

TencentOS Server 2: httpd (TSSA-2024:0380)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0380 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 4: httpd (TSSA-2024:0281)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0281 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: httpd:2.4 (TSSA-2024:0275)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0275 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0155: httpd:2.4 (ALINUX3-SA-2024:0155)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0155 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-38709: Faulty input validation in...

Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.

Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with modrewrite in server/vhost context. By sending a specially crafte...

Ubuntu: Security Advisory (USN-6885-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6885-4: Apache HTTP Server regression

USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...

USN-6885-4 apache2 regression

USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...