Security Bulletin: Vulnerabilities in httpd affects IBM Netezza Appliance

Summary The httpd package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-58098, CVE-2025-65082, CVE-2025-66200 Vulnerability Details CVEID:CVE-2025-58098 DESCRIPTION: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled an...

Oracle HTTP Server (April 2026 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and...

Oracle HTTP Server (April 2026 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and...

CVE-2026-34291

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. While...

Oracle HTTP Server 安全漏洞

Oracle HTTP Server is a web server component of Oracle’s Fusion Middleware, developed by Oracle Corporation in the United States. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of Oracle HTTP Server contain security vulnerabilities. These vulnerabilities stem from issues with Core components, which may all...

goshs 安全漏洞

Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs prior to 2.0.0-beta.6 contained security vulnerabilities, which stemmed from the ArtiPACKED issue. This vulnerability could potentially lead to the disclosure of GITHUBTOKEN through workflow components...

PT-2026-34060

Name of the Vulnerable Software and Affected Versions goshs versions prior to 2.0.0-beta.6 Description goshs is a SimpleHTTPServer written in Go. An ArtiPACKED issue allows the leakage of the GITHUB TOKEN through workflow artifacts, even when the token is not included in the repository source cod...

CVE-2026-6632

A vulnerability was identified in Tenda F451 1.0.0.7cnsvn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. Remote exploitation of the attack is...

CVE-2026-6630

CVE-2026-6630 affects Tenda F451 1.0.0.7_cn_svn7958; the vulnerability exists in httpd, function fromGstDhcpSetSer in /goform/GstDhcpSetSer. Manipulating the argument dips can cause a buffer overflow. The issue is exploitable remotely with a network attack vector and has a PROOF-OF-CONCEPT exploi...

CVE-2026-40255

Summary: CVE-2026-40255 is an open redirect vulnerability in @adonisjs/http-server and related core versions. The issue arises when response.redirect().back() reads the Referer header and redirects without validating the host, enabling attackers to redirect users to external sites if they can inf...

CVE-2026-40255 @adonisjs/http-server has an Open Redirect vulnerability

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

CVE-2026-40255 @adonisjs/http-server has an Open Redirect vulnerability

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect.back method reads the Referer header from the incoming HTTP...

CLSA-2026-1770310264 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u482-b08 GA fixing the following CVE: - CVE-2026-21945: enhance certificate checking - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer request handling...

CLSA-2026-1775779143 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance Certificate Checking - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21925: improve JMX connections - CVE-2025-65018: fix LIBPNG heap buffer overflow - CVE-2025-64720: fix LIBPNG buffer...

MAL-2026-2714 Malicious code in @gameforge/http-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c80f200c1cbaa194dfc83e5a8c911c182ff110b7451512013646d9414429b4 The package @gameforge/http-server was found to contain malicious code...

Malicious code in @gameforge/http-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5c80f200c1cbaa194dfc83e5a8c911c182ff110b7451512013646d9414429b4 The package @gameforge/http-server was found to contain malicious code...

@adonisjs/http-server 安全漏洞

@adonisjs/http-server is an HTTP server framework based on Node.js, open-sourced by the AdonisJS Framework. Versions of @adonisjs/http-server prior to 7.8.1, as well as versions 8.0.0-next.0 to 8.1.3, along with @adonisjs/core version 7.4.0 and earlier, have security vulnerabilities. These...

CVE-2026-33096

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2026-32776, CVE-2026-32777, CVE-2026-32778]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2026-32776, CVE-2026-32777, CVE-2026-32778 Vulnerability Details Refer to the security bulletins listed in th...

@adonisjs/core (>=5.0.5-canary-rc-1 <=6.1.5-26), @djpfs/adonisjs-microservices (>=1.0.1 <=2.0.1) +34 more potentially affected by CVE-2026-40255 via @adonisjs/http-server (>=5.12.0 <=6.8.2-14)

@adonisjs/http-server NPM version =5.12.0, =5.0.5-canary-rc-1, =1.0.1, =1.0.0, =0.0.3, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =1.0.3, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.5 and more Source cves: CVE-2026-40255 Source advisory: OSV:GHSA-6QVV-PJ99-48QM...