Lucene search
K

5769 matches found

CVE
CVE
added 2026/06/08 3:17 p.m.84 views

CVE-2026-44119

Summary: CVE-2026-44119 is an Apache HTTP Server vulnerability described as improper privilege management that allows local .htaccess authors to read files with httpd user privileges. Affected versions are Apache HTTP Server 2.4.67 and earlier; the issue is fixed in 2.4.68. This aligns with multi...

5.5CVSS5.4AI score0.00171EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/08 3:17 p.m.7 views

CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

5.5CVSS5.4AI score0.00171EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/08 3:17 p.m.9 views

CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

5.5CVSS5.4AI score0.00171EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:16 p.m.6 views

CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

5.4AI score0.00525EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/08 3:16 p.m.11 views

EUVD-2026-35093

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS5.5AI score0.00525EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 3:16 p.m.68 views

CVE-2026-43951

CVE-2026-43951 : Out-of-bounds read in Apache HTTP Server affecting mod_headers and mod_mime across multiple response languages. Affected versions: 2.4.0–2.4.67. The vulnerability is described in enrichment as an out-of-bounds read in the merge_response_headers path, which can lead to a crash. No...

6.5CVSS5.5AI score0.00525EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 3:16 p.m.8 views

CVE-2026-43951 Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

5.4AI score0.00525EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/08 3:16 p.m.6 views

CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS5.4AI score0.00525EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/08 3:16 p.m.99 views

CVE-2026-43951 Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

0.00525EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/08 3:16 p.m.8 views

CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS5.5AI score0.00525EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/08 3:14 p.m.7 views

CVE-2026-42535 Apache HTTP Server: mod_dav_fs protected directory access

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

5.3AI score0.00538EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:14 p.m.106 views

CVE-2026-42535 Apache HTTP Server: mod_dav_fs protected directory access

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

0.00538EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 3:12 p.m.8 views

EUVD-2026-35089

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS5.4AI score0.00682EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 3:11 p.m.9 views

CVE-2026-44186 Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the modproxyftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.4AI score0.00562EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:11 p.m.108 views

CVE-2026-44186 Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the modproxyftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.00562EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/08 3:10 p.m.52 views

CVE-2026-29170

A cross-site scripting vulnerability exists in modproxyftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

6.1CVSS5.1AI score0.00504EPSS
Exploits0
EUVD
EUVD
added 2026/06/08 3:7 p.m.13 views

EUVD-2026-35086

Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.4AI score0.00663EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:7 p.m.113 views

CVE-2026-29167 Apache HTTP Server: mod_ldap per-dir use-after-free

Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.00663EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/08 3:7 p.m.6 views

CVE-2026-29167

Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

9.8CVSS5.4AI score0.00663EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There is a buffer overflow vulnerability present in Apache HTTP Server, but detailed informatio...

9.8CVSS6.2AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder