11629 matches found
CVE-2024-43204
SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where modheaders is configured to modify the Content-Type request or response header with a value provided in the HTTP request...
CVE-2024-43204 Apache HTTP Server: SSRF with mod_headers setting Content-Type header
SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where modheaders is configured to modify the Content-Type request or response header with a value provided in the HTTP request...
CVE-2024-43204
SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where modheaders is configured to modify the Content-Type request or response header with a value provided in the HTTP request...
CVE-2024-43204 Apache HTTP Server: SSRF with mod_headers setting Content-Type header
SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where modheaders is configured to modify the Content-Type request or response header with a value provided in the HTTP request...
CVE-2024-43204
CVE-2024-43204 affects Apache HTTP Server when mod_proxy is loaded. The vulnerability permits SSRF by sending outbound proxy requests to a URL controlled by the attacker, requiring an unlikely configuration in which mod_headers modifies the Content-Type header with a value provided in the HTTP re...
CVE-2024-42516 Apache HTTP Server: HTTP response splitting
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP...
CVE-2024-42516
CVE-2024-42516 affects Apache HTTP Server (httpd). The issue is HTTP response splitting caused by faulty input validation in the core, allowing manipulation of Content-Type headers to split responses. Reports indicate the vulnerability was discussed as CVE-2023-38709, with patches through 2.4.59 ...
CVE-2024-42516 Apache HTTP Server: HTTP response splitting
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP...
CVE-2024-42516
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP...
CVE-2024-42516
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP...
Security Bulletin: Due to use of IBM Tivoli Monitoring , IBM Cloud Pak System is affected by multiple vulnerabilities.
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-39573 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by a flaw in the modrewrite. By sending a specially crafted request, an attacker could exploit...
PT-2025-29120
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.63 Description: A late release of memory after effective lifetime issue exists in Apache HTTP Server. Recommendations: Upgrade to version 2.4.64...
PT-2025-29115
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.63 Description: A Server-Side Request Forgery SSRF issue exists in Apache HTTP Server on Windows. This issue potentially allows the leakage of NTLM hashes to a malicious server via mod rewrite or...
KLA85814 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, perform cross-site scripting attack, cause denial of service. Below is a complete list of vulnerabilities: 1. Insufficient...
Apache HTTP Server 访问控制错误漏洞
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An Access Control Error vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause an access contr...
Apache HTTP Server 安全漏洞
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A denial of service vulnerability exists in Apache HTTP Server, which stems from a modproxyhttp2 assertion failure that can be...
PT-2025-29138 · Unknown · Easy File Sharing Ftp Server
Name of the Vulnerable Software and Affected Versions: Easy File Sharing HTTP Server version 7.2 Description: A stack-based buffer overflow vulnerability exists in the application. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long...
Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports: moderate: Apache HTTP Server: HTTP response splitting CVE-2024-42516 low: Apache HTTP Server: SSRF with modheaders setting Content-Type header CVE-2024-43204 moderate: Apache HTTP Server: SSRF on Windows due to UNC paths CVE-2024-43394 low: Apache HTTP Server:...
Apache HTTP Server 安全漏洞
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An unspecified vulnerability exists in Apache HTTP Server that stems from insufficient escaping of user-supplied data by modssl,...
Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.
Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server have been remediated. Vulnerability Details CVEID:CVE-2025-33104 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to...