Lucene search
+L

230 matches found

almalinux
almalinux
added 2025/12/22 12:0 a.m.4 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS7AI score0.01527EPSS
Exploits0References8
nessus
nessus
added 2025/12/22 12:0 a.m.6 views

AlmaLinux 8 : httpd:2.4 (ALSA-2025:23732)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References6
nessus
nessus
added 2025/12/22 12:0 a.m.2 views

RHEL 8 : httpd:2.4 (RHSA-2025:23732)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23732 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References10
nessus
nessus
added 2025/12/22 12:0 a.m.5 views

RHEL 9 : httpd (RHSA-2025:23919)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23919 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References8
almalinux
almalinux
added 2025/12/22 12:0 a.m.8 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...

8.3CVSS6.6AI score0.01527EPSS
Exploits0References10
osv
osv
added 2025/12/22 12:0 a.m.14 views

ALSA-2025:23932 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References8
nessus
nessus
added 2025/12/22 12:0 a.m.4 views

RockyLinux 8 : httpd:2.4 (RLSA-2025:23732)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References9
osv
osv
added 2025/12/22 12:0 a.m.11 views

ALSA-2025:23919 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References8
osv
osv
added 2025/12/22 12:0 a.m.5 views

ALSA-2025:23732 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References10
nessus
nessus
added 2025/12/20 12:0 a.m.2 views

SUSE SLES12: apache2 / apache2-devel / apache2-doc / apache2-example-pages / etc (SUSE-SU-2025:4488-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4488-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 -...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References13
suse
suse
added 2025/12/18 5:17 p.m.1 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...

6.8CVSS7AI score0.01527EPSS
Exploits0References16
osv
osv
added 2025/12/18 5:17 p.m.3 views

SUSE-SU-2025:4488-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS6.9AI score0.01527EPSS
Exploits0References9
mscve
mscve
added 2025/12/11 9:1 a.m.7 views

Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

...

8.3CVSS7AI score0.01527EPSS
Exploits0
osv
osv
added 2025/12/09 11:38 a.m.4 views

BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/12/08 10:40 p.m.6 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.4AI score0.01527EPSS
Exploits0References4
mageia
mageia
added 2025/12/08 6:36 p.m.20 views

Updated apache packages fix security vulnerabilities

Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...

8.3CVSS7AI score0.01527EPSS
Exploits0References5
susecve
susecve
added 2025/12/06 12:23 a.m.7 views

SUSE CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

6.5CVSS7AI score0.01527EPSS
Exploits0References15
euvd
euvd
added 2025/12/05 3:30 p.m.7 views

EUVD-2025-201408

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.3AI score0.01527EPSS
Exploits0References3
nvd
nvd
added 2025/12/05 2:15 p.m.14 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS0.01527EPSS
Exploits0References2
osv
osv
added 2025/12/05 2:15 p.m.10 views

AZL-71867 CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References1
Rows per page
Query Builder