MiracleLinux 4 : httpd-2.2.15-9.3.0.1.AXS4 (AXSA:2012-07:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-07:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3348 The modproxyajp...

MiracleLinux 9 : httpd-2.4.62-7.el9_7.3 (AXSA:2025-11631:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11631:11 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride...

MiracleLinux 7 : httpd-2.4.6-99.1.0.8.el7.AXS7 (AXSA:2025-10561:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10561:05 advisory. CVE-2020-35452: modauthdigest: Fix single zero byte stack overflow CVE-2006-20001: moddav: out-of-bounds read/write CVEs: CVE-2020-35452 Apache HTT...

MiracleLinux 8 : httpd:2.4 (AXSA:2026-017:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-017:01 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

Security Bulletin: IBM HTTP Server, which is bundled with WebSphere Remote Server, is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

CVE-2017-18428

In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log processing SEC-290...

CVE-2017-18429

In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination SEC-291...

CVE-2020-12442

Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250...

PT-2026-2237

CVE-2026-22634 - Apache HTTP Server Unauthenticated Remote Command Execution CVE ID : CVE-2026-22634 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

PT-2026-2239

CVE-2026-22636 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22636 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2026-2234

CVE-2026-22631 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22631 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2026-2236

CVE-2026-22633 - Apache HTTP Server HTTP Header Injection CVE ID : CVE-2026-22633 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2026-2235

CVE-2026-22632 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-22632 Published : Jan. 9, 2026, 4:15 a.m. | 2 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2026-2209

CVE-2026-22579 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-22579 Published : Jan. 8, 2026, 4:15 a.m. | 4 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2025-1318)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1318 advisory. Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=... directives. CVE-2025-58098 Improper...

PT-2026-2153

CVE-2026-22158 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-22158 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2026-2154

CVE-2026-22159 - Apache HTTP Server HTTP Request Smuggling CVE ID : CVE-2026-22159 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2026-2155

CVE-2026-22160 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22160 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...