EulerOS Virtualization 2.12.0 : httpd (EulerOS-SA-2026-1487)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped quer...

Exploit for Out-of-bounds Write in Starnight Micro_Http_Server

💥 CVE-2023-50965 — Stack Buffer Overflow Exploit Linux Proo...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1430)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1536)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1487)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2026-1593 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

CLSA-2026-1773506438 java-1.8.0-openjdk: Fix of 5 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information...

📄 Microsoft Windows LNK File Remote Code Execution

This PHP script is a proof of concept exploit that demonstrates how to create a Windows LNK shortcut file that executes a PowerShell command in this example, launches calc.exe...

cpp-httplib 安全漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes HTTP/HTTPS server and client components. Versions of cpp-httplib prior to 0.37.1 contained security vulnerabilities. These vulnerabilities stemmed from insufficient input validation and exception handling for the Content-Length...

Ubuntu: Security Advisory (USN-7968-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7968-2: Apache HTTP Server regression

USN-7968-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression in modmd where the MDStapleOthers setting was ignored which resulted in OCSP being broken for some domains. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It w...

Exploit for Improper Access Control in Oracle Http_Server

!Type: CVEhttps://img.shields.io/badge/Type-CVE-critical?styl...

OESA-2026-1529 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

CLSA-2026-1772101256 httpd: Fix of CVE-2024-42516

CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly...

CVE-2026-3169 Tenda F453 httpd SafeEmailFilter fromSafeEmailFilter buffer overflow

A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha...

CVE-2026-3167

The advisory concerns CVE-2026-3167 affecting Tenda F453 with firmware 1.0.0.3. The vulnerability is in the httpd component, specifically the function formWebTypeLibrary in /goform/webtypelibrary, where manipulating the argument webSiteId causes a buffer overflow. This allows a remote attack, and...

CVE-2026-27589 Caddy vulnerable to cross-origin config application via local admin API /load (caddy)

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API default listen 127.0.0.1:2019 exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled enforceorigin not...

RHSA-2026:2994 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP3 security update

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP3 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 3 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

httpd: Apache HTTP Server: CGI environment variable override

A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...