11614 matches found
PT-2025-32357 · Undefined · Undefined
CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-55027 Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
ROS-20250806-02
A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2022-36760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests ...
PT-2025-32350 · Undefined · Undefined
CVE-2025-55024 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-55024 Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10024 XBMC ≤ 11.0 Web Server Path Traversal
XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw ...
PT-2025-32256 · Undefined · Undefined
CVE-2025-54979 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-54979 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Linux Distros Unpatched Vulnerability : CVE-2025-49812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack a...
PT-2025-32253 · Undefined · Undefined
CVE-2025-54976 - Apache HTTP Server Unvalidated User Input Leads to Remote Command Execution CVE ID : CVE-2025-54976 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...
PT-2025-32213 · Undefined · Undefined
CVE-2025-54975 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-54975 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-31976
Name of the Vulnerable Software and Affected Versions XBMC versions prior to the 2012-11-04 nightly release XBMC version 11 Description XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HT...
PT-2025-31962 · Undefined · Undefined
Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...
PT-2025-32255 · Undefined · Undefined
CVE-2025-54978 - Apache HTTP Server HTTP Header Injection CVE ID : CVE-2025-54978 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-32212 · Undefined · Undefined
CVE-2025-54974 - Apache HTTP Server Denial of Service CVE ID : CVE-2025-54974 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10047
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
PT-2025-32150 · Nvidia · Nvidia Triton Inference Server
Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server versions prior to 25.07 Description: NVIDIA Triton Inference Server contains a vulnerability in the HTTP server that allows an attacker to initiate a reverse shell by sending a crafted HTTP request. Successful...
Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2025-1125)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1125 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the...
Amazon Linux 2 : httpd (ALAS-2025-2958)
The version of httpd installed on the remote host is prior to 2.4.64-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2958 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response...
CVE-2013-10047
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
CVE-2013-10047 MiniWeb <= Build 300 Arbitrary File Upload
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
CVE-2013-10047
CVE-2013-10047 affects MiniWeb HTTP Server up to Build 300. An unrestricted file upload with path traversal lets unauthenticated remote attackers drop a .exe in System32 and a .mof in the WMI directory, enabling payload execution with SYSTEM privileges via WMI on Windows versions before Vista. Mu...