CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5742 matches found

Positive Technologies•added 2026/01/09 12:0 a.m.•4 views

PT-2026-2239

CVE-2026-22636 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22636 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

7AI score

Exploits0References1

Positive Technologies•added 2026/01/09 12:0 a.m.•7 views

PT-2026-2236

CVE-2026-22633 - Apache HTTP Server HTTP Header Injection CVE ID : CVE-2026-22633 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Positive Technologies•added 2026/01/09 12:0 a.m.•3 views

PT-2026-2235

CVE-2026-22632 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-22632 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Positive Technologies•added 2026/01/08 12:0 a.m.•2 views

PT-2026-2209

CVE-2026-22579 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-22579 Published : Jan. 8, 2026, 4:15 a.m. | 4 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Tenable Nessus•added 2026/01/08 12:0 a.m.•10 views

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2025-1318)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1318 advisory. Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=... directives. CVE-2025-58098 Improper...

8.3CVSS5.6AI score0.00145EPSS

Exploits0References8

Positive Technologies•added 2026/01/07 12:0 a.m.•5 views

PT-2026-2154

CVE-2026-22159 - Apache HTTP Server HTTP Request Smuggling CVE ID : CVE-2026-22159 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Positive Technologies•added 2026/01/07 12:0 a.m.•3 views

PT-2026-2153

CVE-2026-22158 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-22158 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Positive Technologies•added 2026/01/07 12:0 a.m.•2 views

PT-2026-2155

CVE-2026-22160 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22160 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

7AI score

Exploits0References1

RedHat Linux•added 2026/01/06 5:34 p.m.•1 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.00018EPSS

Exploits0References5

RedHat Linux•added 2026/01/06 3:24 p.m.•5 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.3CVSS7.2AI score0.00018EPSS

Exploits0References2

OSV•added 2026/01/06 10:9 a.m.•3 views

RHSA-2026:0075 Red Hat Security Advisory: httpd security update

Bulletin has no description...

7.1CVSS6.6AI score0.00018EPSS

Exploits0References8

RedHat Linux•added 2026/01/06 5:4 a.m.•1 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

8.3CVSS5.7AI score0.00018EPSS

Exploits0References5

RedHat Linux•added 2026/01/06 12:47 a.m.•5 views

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00048EPSS

Exploits0References2

Positive Technologies•added 2026/01/06 12:0 a.m.•2 views

PT-2026-2098

CVE-2026-21748 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-21748 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score

Exploits0References1

Tenable Nessus•added 2026/01/06 12:0 a.m.•5 views

RHEL 9 : httpd (RHSA-2026:0139)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0139 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...

8.3CVSS5.6AI score0.00018EPSS

Exploits0References4

Tenable Nessus•added 2026/01/06 12:0 a.m.•2 views

RHEL 9 : httpd (RHSA-2026:0141)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0141 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...

8.3CVSS5.6AI score0.00018EPSS

Exploits0References4

RedHat Linux•added 2026/01/05 6:0 p.m.•0 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

8.3CVSS5.7AI score0.00018EPSS

Exploits0References5

OSV•added 2026/01/05 10:11 a.m.•4 views

RHSA-2026:0009 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

7.5CVSS6.9AI score0.00048EPSS

Exploits0References12

RedHat Linux•added 2026/01/05 2:1 a.m.•1 views