5840 matches found
PT-2025-27054 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-27057 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a denial of service. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-27061 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Scripting problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
PT-2025-27058 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an arbitrary file download in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...
PT-2025-27073 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-27059 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-27074 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...
PT-2025-27055 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a SQL injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this iss...
undertow: AJP Request closes connection exceeding maxRequestSize
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by modcluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because modproxycluster...
PT-2025-26703 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No further details are provided about the nature of the issue, affected devices, or real-world incidents. Recommendations: At the momen...
PT-2025-26701 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-26704 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a Stored XSS in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents...
ALSA-2025:9466 Moderate: mod_proxy_cluster security update
The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
PT-2025-26702 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns HTTP Request Smuggling in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...
PT-2025-26676 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue allows an attacker to consume all available session slots, blocking other users from logging in and preventing legitimate users from accessing the product...
PT-2025-26699 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a command injection problem. No specific details about the estimated number of potentially affected devices worldwide or real-world incidents where this issue...
Important: Red Hat Security Advisory: mod_auth_openidc security update
An update for modauthopenidc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Advisory ROSA-SA-2025-2902
Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-62.rv30 CVE-ID: CVE-2024-38472 BDU-ID: 2024-05354 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...
Advisory ROSA-SA-2025-2901
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-51.rv3.5 CVE-ID: CVE-2024-38472 BDU-ID: 2024-05354 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...
Advisory ROSA-SA-2025-2900
Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-62.rv30 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries...