Lucene search
K

406 matches found

OSV
OSV
added 2026/01/19 2:59 p.m.8 views

USN-7968-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal attempts to be repeated without delays, possibly leading to a denial of service. CVE-2025-55753 Anthony Parfenov discovered that the Apache HTTP Server would pass the...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.8 views

MiracleLinux 4 : php-5.3.3-3.AXS4.8 (AXSA:2012-547:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-547:03 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in...

9.8CVSS9.2AI score0.99998EPSS
Exploits42References2
EUVD
EUVD
added 2026/01/12 6:23 p.m.4 views

EUVD-2026-2005

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. TinyWeb HTTP Server before version 1.98 is vulnerable to OS command injection via CGI ISINDEX-style query parameters. The query parameters are passed as command-line arguments to the CGI executable via Windows CreateProcess. An...

10CVSS7.7AI score0.02174EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.7 views

SUSE SLES15: apache2 / apache2-devel / apache2-event / apache2-manual / etc (SUSE-SU-2026:0020-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0020-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References13
OSV
OSV
added 2026/01/05 2:46 p.m.8 views

CLSA-2026-1767609927 httpd: Fix of CVE-2025-58098

CVE-2025-58098: don't pass querry string args as command line arguments to SSI-invoked CGI scripts...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References1
OSV
OSV
added 2026/01/05 11:8 a.m.5 views

SUSE-SU-2026:0020-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/01/02 12:0 a.m.4 views

CVE-2025-67158

An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request...

6.7AI score0.00437EPSS
Exploits2References2
Rockylinux
Rockylinux
added 2025/12/24 9:9 a.m.7 views

httpd security update

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

8.3CVSS6.7AI score0.01527EPSS
Exploits0
OSV
OSV
added 2025/12/24 9:9 a.m.6 views

RLSA-2025:23932 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

7.1CVSS6.5AI score0.01527EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-53354

Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNewAcct.cgi script that allows unauthenticated attackers to create admin user accounts. Attackers can exploit the missing control check by sending crafted POST requests to create administrative account...

9.8CVSS7.2AI score0.00569EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/12/23 7:7 p.m.6 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...

6.8CVSS7AI score0.01527EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/12/23 12:0 a.m.3 views

AlmaLinux 10 : httpd (ALSA-2025:23932)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23932 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileIn...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 11:27 p.m.16 views

httpd: Apache HTTP Server: CGI environment variable override

A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...

6.5CVSS5.7AI score0.00771EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 4:55 p.m.4 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References4
OSV
OSV
added 2025/12/18 5:17 p.m.3 views

SUSE-SU-2025:4488-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS6.9AI score0.01527EPSS
Exploits0References9
CNVD
CNVD
added 2025/12/10 12:0 a.m.130 views

Apache HTTP Server Code Execution Vulnerability (CNVD-2025-30835)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A code execution vulnerability exists in Apache HTTP Server versions 2.4.7 through 2.4.65, which can be exploited by an attacker t...

5.4CVSS7.6AI score0.00591EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/12/07 9:3 a.m.4 views

Apache HTTP Server: CGI environment variable override

...

6.5CVSS7AI score0.00771EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/06 12:23 a.m.7 views

SUSE CVE-2025-65082

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

5.5CVSS6.7AI score0.00771EPSS
Exploits0References13
OSV
OSV
added 2025/12/05 2:15 p.m.4 views

UBUNTU-CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References5
NVD
NVD
added 2025/12/05 11:15 a.m.7 views

CVE-2025-65082

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

6.5CVSS0.00771EPSS
Exploits0References2
Rows per page
Query Builder