Lucene search
K

490 matches found

Rockylinux
Rockylinux
added 2025/12/23 9:9 a.m.9 views

mod_md security update

An update is available for modmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module manages common properties of domains for one or more virtual hosts...

7.5CVSS6.9AI score0.00417EPSS
Exploits0
OSV
OSV
added 2025/12/23 9:9 a.m.5 views

RLSA-2025:23739 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

7.5CVSS6.8AI score0.00417EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/12/22 1:45 a.m.2 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 1:45 a.m.10 views

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.1AI score0.00417EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/12/22 1:33 a.m.5 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 1:28 a.m.6 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 1:28 a.m.9 views

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.1AI score0.00417EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2025/12/22 12:0 a.m.8 views

Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

7.5CVSS6.9AI score0.00417EPSS
Exploits0References4
OSV
OSV
added 2025/12/22 12:0 a.m.5 views

ALSA-2025:23738 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

7.5CVSS6.8AI score0.00417EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.5 views

AlmaLinux 8 : httpd:2.4 (ALSA-2025:23732)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.3 views

RHEL 10 : mod_md (RHSA-2025:23738)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23738 advisory. This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate...

7.5CVSS5.7AI score0.00417EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.2 views

RHEL 9 : mod_md (RHSA-2025:23739)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23739 advisory. This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate...

7.5CVSS5.7AI score0.00417EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2025/12/21 12:0 a.m.6 views

mod_md security update

1:2.4.26-1.1 - Resolves: RHEL-134496 - httpd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753...

7.5CVSS7.1AI score0.00417EPSS
Exploits0
OSV
OSV
added 2025/12/18 5:17 p.m.3 views

SUSE-SU-2025:4488-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS6.9AI score0.01527EPSS
Exploits0References9
OSV
OSV
added 2025/12/17 3:16 p.m.11 views

CVE-2025-44005

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks...

10CVSS5.8AI score0.0326EPSS
Exploits0References5
CVE
CVE
added 2025/12/17 3:16 p.m.43 views

CVE-2025-44005

The CVE describes an Authorization bypass in Smallstep Step CA where ACME or SCEP provisioners can create certificates without completing certain protocol authorization checks. Affected component: Step CA (ACME/SCEP provisioners). Root cause: bypass of authorization checks. Impact: potential issu...

10CVSS6.5AI score0.0326EPSS
Exploits0References3
Fedora
Fedora
added 2025/12/17 1:32 a.m.6 views

[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.5CVSS7AI score0.00417EPSS
Exploits0
Fedora
Fedora
added 2025/12/17 1:14 a.m.6 views

[SECURITY] Fedora 43 Update: mod_md-2.6.7-1.fc43

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.5CVSS7AI score0.00417EPSS
Exploits0
Talos
Talos
added 2025/12/17 12:0 a.m.67 views

smallstep Step-CA Certificate Signing authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2242 smallstep Step-CA Certificate Signing authentication bypass vulnerability December 17, 2025 CVE Number CVE-2025-44005 SUMMARY An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completi...

10CVSS6.6AI score0.0326EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/17 12:0 a.m.4 views

FreeBSD : step-certificates -- Authorization Bypass in ACME and SCEP Provisioners (eca46635-db51-11f0-9b8d-40a6b7c3b3b8)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eca46635-db51-11f0-9b8d-40a6b7c3b3b8 advisory. smallstep reports: An attacker can bypass authorization checks and force a Step CA ACME or SCEP...

10CVSS5.7AI score0.0326EPSS
Exploits0References3
Rows per page
Query Builder