5772 matches found
httpd security update
2.4.62-7.0.1.3 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-7.3 - Resolves: RHEL-135063 - httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 - Resolves: RHEL-135048 - httpd: Apache HTTP Server: CGI environment variable override...
RHEL 10 : httpd (RHSA-2025:23932)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23932 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...
Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...
PT-2025-52590
CVE-2025-68485 - Apache HTTP Server Code Injection Vulnerability CVE ID : CVE-2025-68485 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52596
CVE-2025-68490 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68490 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52597
CVE-2025-68491 - Apache HTTP Server Buffer Overflow Vulnerability CVE ID : CVE-2025-68491 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...
PT-2025-52607
CVE-2025-67045 - Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID : CVE-2025-67045 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67041. Reason: This record is a reservation duplicate of...
PT-2025-52606
CVE-2025-67044 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-67044 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67035. Reason: This record is a reservation duplicate of...
PT-2025-52617
CVE-2025-67048 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-67048 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67039. Reason: This record is a reservation duplicate of...
PT-2025-52592
CVE-2025-68487 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68487 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52616
TRC analysis shows attackers chaining authentication bypass CVE-2025-67039 with OS command injection flaws to gain root access on Lantronix devices. Root compromise enables lateral movement across network infrastructure. Runtime segmentation helps contain post-compromise pivoting in critical...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2543)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-52591
CVE-2025-68486 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68486 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52594
CVE-2025-68488 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-68488 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-52605
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
PT-2025-52512
CVE-2025-14319 - Here is the title: Apache HTTP Server NULL Pointer Dereference Vulnerability CVE ID : CVE-2025-14319 Published : Dec. 17, 2025, 11:15 p.m. | 53 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...
EulerOS Virtualization 2.13.1 : httpd (EulerOS-SA-2025-2543)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...
PT-2025-52409
CVE-2025-0852 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-0852 Published : Dec. 16, 2025, 10:15 p.m. | 1 hour, 44 minutes ago Description : Rejected reason: Voluntarily withdrawn Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline...
PT-2025-52482
CVE-2025-14828 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-14828 Published : Dec. 17, 2025, 7:16 p.m. | 48 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in th...
K000158206: Apache HTTP Server vulnerability CVE-2025-66200
Security Advisory Description moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7...