Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

21 matches found

Tenable Nessus
Tenable Nessusā€¢added 2025/12/08 12:0 a.m.ā€¢3 views

Linux Distros Unpatched Vulnerability : CVE-2025-59775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM...

7.5CVSS5.4AI score0.00064EPSS
Exploits0References2
OSV
OSVā€¢added 2024/03/06 10:56 a.m.ā€¢87 views

BIT-APACHE-2021-30641 Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS7.4AI score0.36362EPSS
Exploits0References13
SUSE CVE
SUSE CVEā€¢added 2023/02/15 3:41 a.m.ā€¢1 views

SUSE CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.9CVSS9.3AI score0.36362EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusā€¢added 2021/11/17 12:0 a.m.ā€¢44 views

EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2021-2746)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is...

9.8CVSS7.3AI score0.60353EPSS
Exploits0References5
AlmaLinux
AlmaLinuxā€¢added 2021/11/09 8:52 a.m.ā€¢44 views

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

7.5CVSS7.9AI score0.60353EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusā€¢added 2021/09/27 12:0 a.m.ā€¢47 views

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2553)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of...

9.8CVSS7.3AI score0.60353EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusā€¢added 2021/09/24 12:0 a.m.ā€¢44 views

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2021-2463)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...

9.8CVSS7.2AI score0.47816EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusā€¢added 2021/06/28 12:0 a.m.ā€¢53 views

openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:0908-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0908-1 advisory. - Apache HTTP Server versions 2.4.41 to 2.4.46 modproxyhttp can be made to crash NULL pointer dereference with specially crafted requests...

9.8CVSS7.5AI score0.60353EPSS
Exploits0References19
Tenable Nessus
Tenable Nessusā€¢added 2021/06/25 12:0 a.m.ā€¢66 views

FreeBSD : Apache httpd -- Multiple vulnerabilities (cce76eca-ca16-11eb-9b84-d4c9ef517024)

The Apache httpd reports : - moderate: modproxywstunnel tunneling of non Upgraded connections CVE-2019-17567 - moderate: Improper Handling of Insufficient Privileges CVE-2020-13938 - low: modproxyhttp NULL pointer dereference CVE-2020-13950 - low: modauthdigest possible stack overflow by one nul...

9.8CVSS7.2AI score0.60353EPSS
Exploits0References10
Veracode
Veracodeā€¢added 2021/06/13 10:29 a.m.ā€¢25 views

Denial Of Service(DoS)

Apache HTTP Server is vulnerable to denial of service due to an unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS0.6AI score0.36362EPSS
Exploits0References17Affected Software19
NVD
NVDā€¢added 2021/06/10 7:15 a.m.ā€¢19 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS0.36362EPSS
Exploits0References12
Prion
Prionā€¢added 2021/06/10 7:15 a.m.ā€¢19 views

Code injection

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5CVSS6.9AI score0.36362EPSS
Exploits0References12Affected Software6
UbuntuCve
UbuntuCveā€¢added 2021/06/10 7:15 a.m.ā€¢64 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS6.8AI score0.36362EPSS
Exploits0References6
OSV
OSVā€¢added 2021/06/10 7:15 a.m.ā€¢0 views

UBUNTU-CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS6.7AI score0.36362EPSS
Exploits0References7
AlpineLinux
AlpineLinuxā€¢added 2021/06/10 7:10 a.m.ā€¢36 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS7.8AI score0.36362EPSS
Exploits0
Debian CVE
Debian CVEā€¢added 2021/06/10 7:10 a.m.ā€¢38 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS6.5AI score0.36362EPSS
Exploits0
CVE
CVEā€¢added 2021/06/10 7:10 a.m.ā€¢1222 views

CVE-2021-30641

CVE-2021-30641 affects Apache HTTP Server 2.4.39ā€“2.4.46 with unexpected matching behavior when MergeSlashes OFF. Connected sources indicate patched versions: Debian fixes in 2.4.38-based packages, AlmaLinux/RedHat advisories reference a fix in Apache 2.4.51 for supported Check Point versions, and...

5.3CVSS7.5AI score0.36362EPSS
Exploits0References12Affected Software1
Cvelist
Cvelistā€¢added 2021/06/10 7:10 a.m.ā€¢21 views

CVE-2021-30641 Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

7.5AI score0.36362EPSS
Exploits0References12
OpenVAS
OpenVASā€¢added 2021/06/10 12:0 a.m.ā€¢26 views

Apache HTTP Server 2.4.39 - 2.4.46 Unexpected URL Matching Vulnerability - Linux

Apache HTTP Server is prone to an unexpected URL matching vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

5.3CVSS7.5AI score0.36362EPSS
Exploits0References1
Apache Httpd
Apache Httpdā€¢added 2021/04/14 12:0 a.m.ā€¢52 views

Apache Httpd < 2.4.48 : Unexpected URL matching with 'MergeSlashes OFF'

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...

5.3CVSS7.5AI score0.36362EPSS
Exploits0Affected Software1
Rows per page
Query Builder