11614 matches found
PT-2025-27054 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-27057 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a denial of service. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-27061 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Scripting problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
PT-2025-27058 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an arbitrary file download in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...
PT-2025-27073 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-27059 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-27074 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...
PT-2025-27055 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a SQL injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this iss...
CVE-2025-6526
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...
undertow: AJP Request closes connection exceeding maxRequestSize
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by modcluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because modproxycluster...
PT-2025-26703 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No further details are provided about the nature of the issue, affected devices, or real-world incidents. Recommendations: At the momen...
PT-2025-26701 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-26704 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Stored XSS in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents...
PT-2025-26702 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns HTTP Request Smuggling in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...
ALSA-2025:9466 Moderate: mod_proxy_cluster security update
The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
PT-2025-26699 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No specific details about the estimated number of potentially affected devices worldwide or real-world incidents where this issue...
PT-2025-26676 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue allows an attacker to consume all available session slots, blocking other users from logging in and preventing legitimate users from accessing the product...
CVE-2025-6526
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...
CVE-2025-6526
CVE-2025-6526 affects 70mai M300 up to 20250611, specifically the HTTP Server component. The vulnerability arises from insufficient protection of credentials, enabling an attack that can be performed from within the local network. The documented attack complexity is high and exploitation is descr...
CVE-2025-6526 70mai M300 HTTP Server insufficiently protected credentials
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...