5741 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-7679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a malicious Content-Type response...
Linux Distros Unpatched Vulnerability : CVE-2018-11803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Subversion's moddavsvn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the...
Linux Distros Unpatched Vulnerability : CVE-2017-9788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before...
Linux Distros Unpatched Vulnerability : CVE-2018-1312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated...
CLSA-2025-1739823342 httpd: Fix of CVE-2022-30522
CVE-2022-30522: fix possible DoS...
CVE-2023-38035
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration...
Azure Linux 3.0 Security Update: httpd (CVE-2023-38709)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38709 advisory. - Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to...
Azure Linux 3.0 Security Update: httpd (CVE-2024-39884)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39884 advisory. - A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based...
Azure Linux 3.0 Security Update: httpd (CVE-2024-38472)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...
Azure Linux 3.0 Security Update: httpd (CVE-2024-40725)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40725 advisory. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy...
Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2024-27316)
The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27316 advisory. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to genera...
Azure Linux 3.0 Security Update: httpd (CVE-2024-40898)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40898 advisory. - SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTM...
Azure Linux 3.0 Security Update: httpd (CVE-2024-24795)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24795 advisory. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject maliciou...
Azure Linux 3.0 Security Update: httpd (CVE-2024-36387)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36387 advisory. - Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference,...
CVE-2022-43636
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by...
CVE-2012-0883 affecting package httpd for versions less than 2.4.2-1
CVE-2012-0883 affecting package httpd for versions less than 2.4.2-1. A patched version of the package is available...
CVE-2020-35785
NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365...
Security Bulletin: Vulnerability in httpd (CVE-2024-27316) affects Power HMC
Summary HTTPD is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-27316 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by the failure to check or limit the use of HTTP/2 CONTINUATION frames that...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-1122)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-3986 · Apache · Apache Httpd
Name of the Vulnerable Software and Affected Versions: Apache HTTPD affected versions not specified Description: The issue concerns a rejected reason related to the Apache HTTPD DNS. No further details are provided about the nature of the issue or its potential impact. There is no information...