11614 matches found
PT-2026-7099
CVE-2026-25843 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-25843 Published : Feb. 7, 2026, 4:15 a.m. | 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7097
CVE-2026-25841 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-25841 Published : Feb. 7, 2026, 4:15 a.m. | 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-7096
CVE-2026-25840 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-25840 Published : Feb. 7, 2026, 4:15 a.m. | 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-6959
CVE-2026-25698 - Apache HTTP Server SQL Injection Vulnerability CVE ID : CVE-2026-25698 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-6952
CVE-2026-25695 - Apache HTTP Server Information Disclosure CVE ID : CVE-2026-25695 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-6950
CVE-2026-25693 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25693 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-6949
CVE-2026-25692 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25692 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
OS Command Injection
Apache HTTP Server is vulnerable to OS Command Injection. The vulnerability is due to improper handling of shell-escaped query strings when Server Side Includes SSI with exec cmd="..." are used alongside modcgid, which allows an attacker to inject and execute arbitrary system commands by crafting...
Ubuntu 25.10 : CRaC JDK 17 vulnerabilities (USN-7997-1)
The remote Ubuntu 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7997-1 advisory. It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint...
PT-2026-37040
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description A heap-based buffer overflow exists in the mod proxy ajp module. If mod proxy ajp connects to a malicious AJP server, that server can send a crafted AJP message causing the system to writ...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 17 vulnerabilities (USN-7998-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7998-1 advisory. It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remo...
CLSA-2026-1770115899 java-17-openjdk: Fix of 5 CVEs
Update to jdk-17.0.18+8 GA - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21945: enhance Certificate Checking - CVE-2025-64720: libpng: fix buffer overflow - CVE-2025-65018: libpng: fix heap buffer overflow...
USN-7998-1: OpenJDK 17 vulnerabilities
It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 11 vulnerabilities (USN-8001-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8001-1 advisory. It was discovered that the RMI component of OpenJDK 11 would establish RMI TCP endpoint connections to a remo...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 21 vulnerabilities (USN-8002-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8002-1 advisory. It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host...
USN-8003-1 openjdk-21-crac vulnerabilities
It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8002-1 openjdk-21 vulnerabilities
It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-8000-1: OpenJDK 8 vulnerabilities
It was discovered that the RMI component of OpenJDK 8 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Important: Red Hat Security Advisory: OpenJDK 25.0.2 Security Update for Windows Builds
An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
USN-7997-1: CRaC JDK 17 vulnerabilities
It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...