5760 matches found
CVE-2026-44185
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-34355
A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...
CVE-2026-34355
CVE-2026-34355 : A buffer overflow in Apache HTTP Server’s mod_proxy_html (affecting 2.4.67 and earlier) can be exploited by an untrusted backend. The advisory indicates that upgrading to 2.4.68 fixes the issue. Documented impact is a network‑accessible overflow with high severity (CVSS v3.1: 7.5...
CVE-2026-44631
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-44631 Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-44631
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-44119
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...
CVE-2026-44119
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...
CVE-2026-44119
Summary: CVE-2026-44119 is an Apache HTTP Server vulnerability described as improper privilege management that allows local .htaccess authors to read files with httpd user privileges. Affected versions are Apache HTTP Server 2.4.67 and earlier; the issue is fixed in 2.4.68. This aligns with multi...
CVE-2026-43951
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
CVE-2026-43951 Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
CVE-2026-43951
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
EUVD-2026-35093
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
CVE-2026-43951
CVE-2026-43951 : Out-of-bounds read in Apache HTTP Server affecting mod_headers and mod_mime across multiple response languages. Affected versions: 2.4.0–2.4.67. The vulnerability is described in enrichment as an out-of-bounds read in the merge_response_headers path, which can lead to a crash. No...
CVE-2026-43951
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
CVE-2026-43951 Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash
Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...
CVE-2026-42535 Apache HTTP Server: mod_dav_fs protected directory access
A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...
CVE-2026-42535 Apache HTTP Server: mod_dav_fs protected directory access
A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...
EUVD-2026-35089
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...