5772 matches found
RHSA-2026:0075 Red Hat Security Advisory: httpd security update
Bulletin has no description...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Important: Red Hat Security Advisory: mod_md security update
An update for modmd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
PT-2026-2098
CVE-2026-21748 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-21748 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
RHEL 9 : httpd (RHSA-2026:0141)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0141 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
RHEL 9 : httpd (RHSA-2026:0139)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0139 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
RHSA-2026:0009 Red Hat Security Advisory: httpd:2.4 security update
Bulletin has no description...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Commo...
mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals
An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
RHEL 8 : httpd:2.4 (RHSA-2026:0011)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0011 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...
RHEL 8 : httpd:2.4 (RHSA-2026:0010)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0010 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...
RHEL 6 : httpd (RHSA-2026:0074)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0074 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
RHEL 8 : httpd:2.4 (RHSA-2026:0009)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0009 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...
PT-2026-1217
CVE-2026-21644 - Apache HTTP Server Unvalidated Redirect CVE ID : CVE-2026-21644 Published : Jan. 3, 2026, 4:15 a.m. | 3 hours, 20 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-1232
CVE-2026-21650 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-21650 Published : Jan. 3, 2026, 4:15 a.m. | 3 hours, 20 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...