Lucene search
K

986 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19847

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00367EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/09/25 12:9 a.m.8 views

httpd: CONTINUATION frames DoS

A vulnerability was found in how Apache httpd implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers,...

7.5CVSS7.1AI score0.91327EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2025/09/15 1:26 a.m.2 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/15 1:26 a.m.6 views

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.01149EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/09/15 1:25 a.m.3 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
OSV
OSV
added 2025/09/12 10:4 a.m.8 views

RHSA-2025:15684 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

7.5CVSS7AI score0.01149EPSS
Exploits1References20
RedHat Linux
RedHat Linux
added 2025/09/11 2:40 p.m.3 views

httpd: HTTP Session Hijack via a TLS upgrade

An HTTP session hijacking flaw was found in Apache httpd. In some modssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade...

7.4CVSS5.7AI score0.00516EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/11 2:40 p.m.2 views

httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption

An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some modssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if...

9.1CVSS5.7AI score0.0097EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/09/11 10:36 a.m.6 views

httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption

An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some modssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if...

9.1CVSS5.7AI score0.0097EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/09/10 12:38 p.m.2 views

httpd: HTTP Session Hijack via a TLS upgrade

An HTTP session hijacking flaw was found in Apache httpd. In some modssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade...

7.4CVSS5.7AI score0.00516EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/10 12:38 p.m.7 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/10 12:38 p.m.3 views

httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption

An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some modssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if...

9.1CVSS5.7AI score0.0097EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.4 views

RHEL 8 : httpd:2.4 (RHSA-2025:15516)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15516 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...

9.1CVSS7.7AI score0.01149EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2025/09/08 7:4 p.m.2 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2025/09/08 2:19 p.m.7 views

httpd:2.4 security update

An update is available for module.modhttp2, httpd, module.modmd, modhttp2, modmd, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

9.1CVSS6.9AI score0.01149EPSS
Exploits1
OSV
OSV
added 2025/09/05 12:43 p.m.8 views

OESA-2025-2170 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP respons...

9.1CVSS6.6AI score0.0097EPSS
Exploits1References6
Amazon
Amazon
added 2025/09/04 12:0 a.m.19 views

Medium: httpd

Issue Overview: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. CVE-2025-54090 Affected Packages: httpd Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

6.3CVSS7AI score0.00691EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/09/03 1:23 p.m.3 views

httpd: insufficient escaping of user-supplied data in mod_ssl

A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...

7.5CVSS5.8AI score0.00669EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/03 1:23 p.m.5 views

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

7.5CVSS5.8AI score0.01149EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/03 1:23 p.m.9 views

Moderate: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS7.4AI score0.01149EPSS
Exploits1References5
Rows per page
Query Builder