CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2 days ago•6 views

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...

7.5CVSS5.9AI score0.00594EPSS

RedHat Linux•added 2 days ago•4 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS5.9AI score0.00514EPSS

RedHat Linux•added 2 days ago•5 views

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

7.3CVSS5.8AI score0.00628EPSS

GithubExploit•added 2026/06/13 4:5 a.m.•76 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destru...

7.5CVSS5.6AI score0.10352EPSS

Exploits6

OSV•added 2026/06/13 12:5 a.m.•9 views

RLSA-2026:25225 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.10352EPSS

Exploits6References2

Tenable Nessus•added 2026/06/09 12:0 a.m.•7 views

FreeBSD : Apache httpd -- Multiple vulnerabilities (7655baae-637d-11f1-8607-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7655baae-637d-11f1-8607-8447094a420f advisory. The Apache httpd project reports: See links for details. Tenable has extracted the preceding...

9.8CVSS5.4AI score0.00682EPSS

Exploits0References14

Tenable Nessus•added 2026/06/06 12:0 a.m.•8 views

RHEL 10 : mod_http2 (RHSA-2026:22528)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22528 advisory. The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP...

7.5CVSS5.6AI score0.04409EPSS

Exploits1References5

OSV•added 2026/06/05 12:4 p.m.•5 views

RLSA-2026:22528 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

5.3CVSS5.5AI score0.04409EPSS

OSV•added 2026/06/05 12:3 p.m.•9 views

RLSA-2026:22551 Moderate: mod_http2 security update

5.3CVSS6.8AI score0.04409EPSS

RedHat Linux•added 2026/06/03 4:57 a.m.•7 views

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RedHat Linux•added 2026/06/03 4:53 a.m.•12 views

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Tenable Nessus•added 2026/06/02 12:0 a.m.•11 views

Oracle Linux 8 : httpd:2.4 (ELSA-2026-22140)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22140 advisory. - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd Tenable has extracted the preceding...

9.8CVSS5.9AI score0.04409EPSS

Exploits1References7

AlmaLinux•added 2026/06/02 12:0 a.m.•8 views

Moderate: mod_http2 security update

OSV•added 2026/06/02 12:0 a.m.•6 views

Exploits1References4

ALSA-2026:22528 Moderate: mod_http2 security update

Rockylinux•added 2026/06/01 6:2 p.m.•39 views

Exploits1References4

httpd:2.4 security update

An update is available for modhttp2, module.modmd, module.modhttp2, modmd, module.httpd, httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

9.8CVSS6.3AI score0.04409EPSS

Exploits1

RedHat Linux•added 2026/06/01 2:43 a.m.•22 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

5.3CVSS5.8AI score0.00514EPSS