PT-2025-51262

CVE-2025-13832 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-13832 Published : Dec. 13, 2025, 11:15 p.m. | 22 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for mo...

Apache HTTP Server: mod_md (ACME), unintended retry intervals

...

PT-2025-51118

CVE-2025-67686 - Apache HTTP Server Command Injection CVE ID : CVE-2025-67686 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51120

CVE-2025-67688 - Apache HTTP Server Improper Input Validation CVE ID : CVE-2025-67688 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51124

CVE-2025-67692 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-67692 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51122

CVE-2025-67690 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-67690 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51125

CVE-2025-67693 - Apache Apache HTTP Server Missing Authentication for Configuration CVE ID : CVE-2025-67693 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

PT-2025-50932

CVE-2025-67612 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-67612 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50917

CVE-2025-67607 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67607 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Apache HTTP Server Cross-Site Request Forgery Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A cross-site request forgery vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause NTLM hash...

PT-2026-36797

Name of the Vulnerable Software and Affected Versions Apache HTTP versions prior to 2.4.67 Description An escalation of privilege bug exists in various modules, including mod rewrite via ap expr, which allows local .htaccess authors to read files using the privileges of the httpd user...

PT-2025-50928

CVE-2025-67608 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67608 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50930

CVE-2025-67610 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-67610 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50915

CVE-2025-67605 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67605 Published : Dec. 10, 2025, 4:15 a.m. | 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50913

CVE-2025-67498 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-67498 Published : Dec. 9, 2025, 11:16 p.m. | 1 hour, 48 minutes ago Description : Rejected reason: Further research determined the issue is not a vulnerability. Severity: 0.0 | NA Visit the link for more details, such as...

PT-2026-36801

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description An out-of-bounds read issue exists in the mod proxy ajp module of Apache HTTP Server, specifically within AJP getter functions. This flaw allows a remote attacker to read memory outside t...

Apache HTTP Server Code Execution Vulnerability (CNVD-2025-30835)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A code execution vulnerability exists in Apache HTTP Server versions 2.4.7 through 2.4.65, which can be exploited by an attacker t...

BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

CVE-2025-65082

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...