Lucene search
K

122 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.11 views

MiracleLinux 7 : httpd-2.4.6-98.7.0.1.el7.AXS7 (AXSA:2023-5265:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5265:04 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

9.8CVSS8.2AI score0.8377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 8 : httpd:2.4 httpd-2.4.37-51.module+el8+1598+5e93bbc9.5.ML.1, mod_http2-1.15.7-5.module+el8+1598+5e93bbc9.4, mod_md-2.0.8-8.module+el8+1598+5e93bbc9 (AXSA:2023-5275:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5275:01 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

9.8CVSS5.6AI score0.8377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.12 views

TencentOS Server 4: httpd (TSSA-2024:0666)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0666 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7.9AI score0.97108EPSS
Exploits9References6
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.12 views

TencentOS Server 2: httpd (TSSA-2023:0060)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0060 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

9.8CVSS7AI score0.8377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.12 views

TencentOS Server 3: mod_http2 (TSSA-2023:0047)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0047 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.8CVSS7AI score0.8377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.10 views

TencentOS Server 3: httpd:2.4 (TSSA-2023:0200)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0200 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.8CVSS7AI score0.8377EPSS
Exploits5References2
GithubExploit
GithubExploit
added 2025/06/01 2:9 p.m.1330 views

Exploit for HTTP Request Smuggling in Apache Http_Server

CVE 2023 25690 - Proof of Concept Published: 7 March 2023...

9.8CVSS8.5AI score0.8377EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2025/05/16 12:0 a.m.38 views

Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2023-25690)

The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25690 advisory. - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP...

9.8CVSS7AI score0.8377EPSS
Exploits5References2
CBLMariner
CBLMariner
added 2025/05/15 9:13 p.m.32 views

CVE-2023-25690 affecting package mod_http2 for versions less than 2.0.29-3

CVE-2023-25690 affecting package modhttp2 for versions less than 2.0.29-3. An upgraded version of the package is available that resolves this issue...

9.8CVSS7.2AI score0.8377EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/01 7:35 p.m.64 views

Security Bulletin: Cloud Pak System is vulnerable to HTTP request splitting attack.

Summary Cloud Pak System is vulnerable to HTTP request splitting attack CVE-2023-25690. Vulnerability Details CVEID:CVE-2023-25690 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by an error when modproxy is enabled along with some form of RewriteRule or...

9.8CVSS9.2AI score0.8377EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.54 views

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

9.8CVSS7.2AI score0.99999EPSS
Exploits30References3
Oracle linux
Oracle linux
added 2024/05/24 12:0 a.m.77 views

httpd:2.4 security update

httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...

7.5CVSS7.5AI score0.99999EPSS
Exploits30
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.63 views

CentOS 9 : mod_http2-1.15.19-5.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the modhttp2-1.15.19-5.el9 build changelog. - HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Note that Nessus has not tested for this issue but has instead relied only o...

9.8CVSS6.9AI score0.8377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/01/26 12:0 a.m.87 views

RHEL 8 : httpd:2.4 (RHSA-2023:1672)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1672 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...

9.8CVSS7AI score0.8377EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.98 views

CentOS 7 : httpd (RHSA-2023:1593)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1593 advisory. - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when...

9.8CVSS6.9AI score0.8377EPSS
Exploits5References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/11 12:50 p.m.47 views

Security Bulletin: Vulnerability in httpd (CVE-2023-25690) affects Power HMC

Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-25690 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by an error when modproxy is enabled along with some form of...

9.8CVSS9.4AI score0.8377EPSS
Exploits5Affected Software1
GithubExploit
GithubExploit
added 2023/12/04 4:58 p.m.2262 views

Exploit for HTTP Request Smuggling in Apache Http_Server

CVE-2023-25690 Mô tả CVE-2023-25690: - Một vài cấu hình mod...

9.8CVSS8.3AI score0.8377EPSS
Exploits5
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.64 views

httpd and mod_http2 security, bug fix, and enhancement update

httpd 2.4.57-5.0.1 - Replace index.html with Oracle's index page oracleindex.html. 2.4.57-5 - Fix issue found by covscan - Related: 2222001 2.4.57-4 - Resolves: 2217726 - Make PROPFIND tolerant of deletion race 2.4.57-3 - Resolves: 2222001 - modstatus lists BusyWorkers IdleWorkers keys twice...

9.8CVSS7.6AI score0.8377EPSS
Exploits5
NCSC
NCSC
added 2023/10/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Hyperion

Vulnerabilities have been fixed in Oracle Hyperion products. A malicious party can exploit the vulnerabilities to gain full control to the Oracle Hyperion infrastructure. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |...

9.8CVSS8.5AI score0.8377EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2023/09/08 12:0 a.m.55 views

GLSA-202309-01 : Apache HTTPD: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202309-01 Apache HTTPD: Multiple Vulnerabilities - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the...

9.8CVSS7.1AI score0.8377EPSS
Exploits5References8
Rows per page
Query Builder