CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Security Advisory Description HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl...

7.3CVSS6.4AI score0.00531EPSS

Exploits1

Vulnrichment•added 2025/09/15 10:32 a.m.•4 views

CVE-2025-10441 D-Link DI-8100G/DI-8200G/DI-8003G jhttpd version_upgrade.asp sub_433F7C os command injection

A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1. Affected by this issue is the function sub433F7C of the file versionupgrade.asp of the component jhttpd. The manipulation of the argument path results in os command injection. The attack may be launched...

6.5CVSS6.8AI score0.00349EPSS

Exploits0References6

OpenVAS•added 2025/09/10 12:0 a.m.•6 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2041)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.7AI score0.00684EPSS

Exploits1References2

Tenable Nessus•added 2025/09/04 12:0 a.m.•5 views

AlmaLinux 8 : httpd:2.4 (ALSA-2025:15123)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15123 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS...

9.1CVSS7.7AI score0.03545EPSS

Exploits1References6

CNVD•added 2025/07/30 12:0 a.m.•2 views

NETGEAR XR300 Stack Buffer Overflow Vulnerability

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

6.5CVSS7.4AI score0.00282EPSS

Exploits1References1

OSV•added 2025/07/21 1:15 a.m.•1 views

CVE-2025-7914

A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely...

8.7CVSS6.2AI score

Exploits0References5

CNNVD•added 2025/07/21 12:0 a.m.•1 views

Tenda AC6 安全漏洞

Tenda AC6 is a dual-band wireless router that supports IPv4 and IPv6 protocols and is designed for home network environments. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the httpd component function setparentcontrolinfo fails to correctly validate the length of t...

9CVSS8.2AI score0.01094EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 3:25 p.m.•5 views

CVE-2020-27715

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...

7.8CVSS6.8AI score0.00611EPSS

Exploits0

RedhatCVE•added 2025/05/22 12:6 p.m.•7 views

CVE-2012-4443

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

6.9CVSS7.1AI score0.00054EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by