Linux Distros Unpatched Vulnerability : CVE-2003-1580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad...

PT-2025-34593 · Undefined · Undefined

CVE-2025-24468 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-24468 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-34535 · Undefined · Undefined

CVE-2025-57829 - Apache HTTP Server Command Injection CVE ID : CVE-2025-57829 Published : Aug. 21, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

F5 Networks BIG-IP : Apache HTTP server vulnerability (K000153074)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000153074 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the...

PT-2025-34534 · Undefined · Undefined

CVE-2025-57828 - Apache HTTP Server Unsecured Configuration CVE ID : CVE-2025-57828 Published : Aug. 21, 2025, 4:15 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

io.airlift:discovery (=324), io.airlift:http-client (=324) +13 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-common (>=12.1.0.alpha0 <=12.1.0.beta2)

org.eclipse.jetty.http2:jetty-http2-common MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-12047664...

PT-2025-34335 · Undefined · Undefined

CVE-2025-57744 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57744 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-33835 · Undefined · Undefined

CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution CVE ID : CVE-2025-57723 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...

PT-2025-33830 · Undefined · Undefined

CVE-2025-57718 - Apache HTTP Server SSRF CVE ID : CVE-2025-57718 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-34271 · Undefined · Undefined

CVE-2025-55153 - Apache HTTP Server XML Entity Injection CVE ID : CVE-2025-55153 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 59 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

USN-6885-6 apache2 regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

Denial of Service (DoS)

Overview amphp/http-server is a non-blocking HTTP application server for PHP based on Amp Affected versions of this package are vulnerable to Denial of Service DoS due to incorrect stream accounting in the handling of server-sent stream resets. An attacker can cause excessive server resource...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities due to the included Apache HTTP Server

Summary There are multiple vulnerabilities in Apache HTTP Server which affect the IBM HTTP Server used by IBM WebSphere Application Server. Vulnerability Details CVEID:CVE-2024-43204 DESCRIPTION: SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to...

Security Bulletin: A vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest (CVE-2024-43204, CVE-2024-43394, CVE-2024-42516)

Summary IBM HTTP Server IHS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

K000152922: Apache HTTP server vulnerability CVE-2025-49630

Security Advisory Description In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in modproxyhttp2. Configurations affected are a reverse proxy is configured for an HTTP...

The vulnerability in the Apache HTTP Server’s web server lies in improper checking of the return value of a function, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Apache HTTP Server is related to improper checking of the return value of a function. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2012-10024

XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw ...

Security Bulletin: IBM HTTP Server is affected by a security bypass vulnerability due to the included Apache HTTP Server (CVE-2025-54090)

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by a security bypass vulnerability due to the included Apache HTTP Server. This affects IBM HTTP Server with IFPH67153 installed. Vulnerability Details CVEID:CVE-2025-54090 DESCRIPTION: A bug in Apache HTTP Server 2.4.64...