EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-1829)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer...

Azure Linux 3.0 Security Update: httpd (CVE-2025-49630)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49630 advisory. - In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 throug...

CBL Mariner 2.0 Security Update: httpd (CVE-2025-49812)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49812 advisory. - In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation...

CBL Mariner 2.0 Security Update: httpd (CVE-2024-43204)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43204 advisory. - SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL...

Azure Linux 3.0 Security Update: httpd (CVE-2025-53020)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-53020 advisory. - Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apach...

CBL Mariner 2.0 Security Update: httpd (CVE-2025-49630)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49630 advisory. - In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 throug...

Unspecified Vulnerability in Apache HTTP Server (CNVD-2025-16614)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An unspecified vulnerability exists in Apache HTTP Server that stems from insufficient escaping of user-supplied data by modssl,...

Apache HTTP Server server-side request forgery vulnerability (CNVD-2025-16613)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a server-side request forgery vulnerability that stems from loading modproxy without implementing...

Apache HTTP Server Access Control Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An Access Control Error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause an access contr...

Apache HTTP Server Server-Side Request Forgery Vulnerability (CNVD-2025-16609)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server suffers from a server-side request forgery vulnerability that can be exploited by an attacker to disclose NTLM...

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 CVSS score: 7.5, a high-severity path traversal vulnerability in Apache HTTP...

Apache HTTP Server: HTTP response splitting

...

Apache HTTP Server: mod_ssl TLS upgrade attack

...

Apache HTTP Server: mod_ssl access control bypass with session resumption

...

Apache HTTP Server: SSRF with mod_headers setting Content-Type header

...

Oracle HTTP Server (July 2025 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To exploit this, a...

Oracle HTTP Server (July 2025 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To exploit this, a...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Apache HTTP Server vulnerabilities (USN-7639-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7639-1 advisory. It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could...

USN-7639-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...

USN-7639-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...