Lucene search
K

986 matches found

GithubExploit
GithubExploit
added 2026/05/11 2:7 p.m.116 views

Exploit for Double Free in Apache Http_Server

CVE-2026-23918 Double-free in Apache httpd modhttp2 stream c...

8.8CVSS6AI score0.4581EPSS
Exploits16
OSV
OSV
added 2026/05/07 6:26 p.m.9 views

CLSA-2026-1778178379 httpd: Fix of 2 CVEs

CVE-2017-15710: modauthnzldap out-of-bounds write when accept-language header value is shorter than two characters - CVE-2017-15715: regex anchor in / can match before an embedded newline, allowing .htaccess bypass of trailing-extension filters...

8.1CVSS7.3AI score0.86006EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/07 5:53 a.m.116 views

Exploit for Double Free in Apache Http_Server

CVE-2026-23918 Apache modhttp2 Double-Free Detector ht...

8.8CVSS6AI score0.4581EPSS
Exploits16
EUVD
EUVD
added 2026/05/05 3:31 p.m.6 views

EUVD-2026-27321

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/05 1:46 a.m.11 views

SUSE CVE-2026-24072

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

7.3CVSS5.8AI score0.00654EPSS
Exploits1References7
Slackware Linux
Slackware Linux
added 2026/05/04 10:47 p.m.28 views

[slackware-security] httpd

New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.67-i586-1slack15.0.txz: Upgraded. This release fixes bugs and the following security issues: modproxyajp: Heap Over-Read and...

9.8CVSS6AI score0.4581EPSS
Exploits18
ATTACKERKB
ATTACKERKB
added 2026/05/04 12:37 p.m.12 views

CVE-2026-24072

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.8AI score0.00654EPSS
Exploits1References2
NVD
NVD
added 2026/03/24 3:16 a.m.6 views

CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS0.00205EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/24 2:16 a.m.5 views

CVE-2026-33307

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

7.5CVSS6AI score0.00342EPSS
Exploits0References3
CVE
CVE
added 2026/03/24 1:34 a.m.15 views

CVE-2026-33307

Mod_gnutls (Apache HTTPD TLS module) is affected by CVE-2026-33307 in versions prior to 0.12.3 and 0.13.0. The vulnerability arises from importing the client certificate chain into a fixed-size gnutls_x509_crt_t x509[] array without validating the number of certificates against the array length, ...

7.5CVSS6AI score0.00342EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1338)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/23 7:20 p.m.6 views

httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

A permissions bypass flaw has been discovered in the apache HTTP server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid...

5.4CVSS5.7AI score0.00591EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.17 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2025-0240)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue...

9.8CVSS6AI score0.94999EPSS
Exploits15References25
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 7 : httpd-2.4.6-99.1.0.3.el7.AXS7 (AXSA:2024-8720:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8720:05 advisory. CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix...

9.8CVSS5.8AI score0.41611EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2774:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2774:01 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF'...

7.5CVSS8.4AI score0.65067EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 8 : httpd:2.4 (AXSA:2022-2988:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2988:01 advisory. httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Miracle Linux CVE-2021-20325 Tenable has extracted the preceding description block...

10CVSS8.5AI score0.99999EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2541:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2541:01 advisory. httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF'...

10CVSS7.6AI score0.99999EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.12 views

MiracleLinux 7 : httpd24-httpd-2.4.25-9.el7 (AXSA:2017-1638:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1638:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-0736 RESERVED This...

7.5CVSS5.7AI score0.7907EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 7 : subversion-1.7.14-14.el7 (AXEA:2018-2733:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXEA:2018-2733:01 advisory. - modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access,...

5CVSS5.6AI score0.10607EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : httpd-2.2.15-60.4.0.1.AXS4 (AXSA:2017-1742:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1742:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-8743 RESERVED This candidate ha...

7.5CVSS6.3AI score0.13252EPSS
Exploits0References2
Rows per page
Query Builder