EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2395)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2359)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

EulerOS 2.0 SP12 : mod_http2 (EulerOS-SA-2025-2335)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2423)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

PT-2025-46317

CVE-2025-12542 - CVE-2022-1234: Apache HTTP Server Unauthenticated Remote Code Execution CVE ID : CVE-2025-12542 Published : Nov. 10, 2025, 11:15 p.m. | 1 hour, 30 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 |...

BIT-GOLANG-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

PT-2025-45535

CVE-2025-64476 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-64476 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-45536

CVE-2025-64477 - Apache HTTP Server Unauthenticated Remote Command Execution CVE ID : CVE-2025-64477 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

PT-2025-45538

CVE-2025-64479 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-64479 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-45537

CVE-2025-64478 - Apache HTTP Server Information Disclosure CVE ID : CVE-2025-64478 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-45533

CVE-2025-64474 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-64474 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-45539

CVE-2025-64480 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-64480 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989234)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989234 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 - Apache HTTP Server 2.4.49 Path Traversal & RC...

CVE-2025-64137

A missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

[SECURITY] Fedora 42 Update: qt6-qthttpserver-6.9.3-1.fc42

Library to facilitate the creation of an http server with Qt...

CVE-2025-64137

A missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

CVE-2025-64137

A missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

CVE-2025-64137

A missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

CVE-2025-64137

CVE-2025-64137 affects the Jenkins Themis Plugin (versions 1.4.1 and earlier). The issue is a missing permission check in an HTTP endpoint, which allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server. Public references in Red Hat and GitHub advisories reite...