EulerOS Virtualization 2.13.1 : httpd (EulerOS-SA-2025-2543)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...

EulerOS Virtualization 2.13.1 : python3 (EulerOS-SA-2025-2560)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...

PT-2025-52409

CVE-2025-0852 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-0852 Published : Dec. 16, 2025, 10:15 p.m. | 1 hour, 44 minutes ago Description : Rejected reason: Voluntarily withdrawn Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline...

PT-2025-52482

CVE-2025-14828 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-14828 Published : Dec. 17, 2025, 7:16 p.m. | 48 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in th...

K000158206: Apache HTTP Server vulnerability CVE-2025-66200

Security Advisory Description moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2025-66200 DESCRIPTION: moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP...

CVE-2025-14654 Tenda AC20 httpd setPptpUserList formSetPPTPUserList stack-based overflow

A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The...

PT-2025-51262

CVE-2025-13832 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-13832 Published : Dec. 13, 2025, 11:15 p.m. | 22 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for mo...

Apache HTTP Server: mod_md (ACME), unintended retry intervals

...

PT-2025-51118

CVE-2025-67686 - Apache HTTP Server Command Injection CVE ID : CVE-2025-67686 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51120

CVE-2025-67688 - Apache HTTP Server Improper Input Validation CVE ID : CVE-2025-67688 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51124

CVE-2025-67692 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-67692 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51122

CVE-2025-67690 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-67690 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51125

CVE-2025-67693 - Apache Apache HTTP Server Missing Authentication for Configuration CVE ID : CVE-2025-67693 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

PT-2025-50932

CVE-2025-67612 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-67612 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50917

CVE-2025-67607 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67607 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Apache HTTP Server Cross-Site Request Forgery Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A cross-site request forgery vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause NTLM hash...

PT-2025-50928

CVE-2025-67608 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67608 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2026-36797

Name of the Vulnerable Software and Affected Versions Apache HTTP versions prior to 2.4.67 Description An escalation of privilege bug exists in various modules, including mod rewrite via ap expr, which allows local .htaccess authors to read files using the privileges of the httpd user...

PT-2025-50913

CVE-2025-67498 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-67498 Published : Dec. 9, 2025, 11:16 p.m. | 1 hour, 48 minutes ago Description : Rejected reason: Further research determined the issue is not a vulnerability. Severity: 0.0 | NA Visit the link for more details, such as...