5772 matches found
Linux Distros Unpatched Vulnerability : CVE-2003-1581
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HT...
Linux Distros Unpatched Vulnerability : CVE-2003-1580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad...
PT-2025-34593 · Undefined · Undefined
CVE-2025-24468 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-24468 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-34535 · Undefined · Undefined
CVE-2025-57829 - Apache HTTP Server Command Injection CVE ID : CVE-2025-57829 Published : Aug. 21, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
F5 Networks BIG-IP : Apache HTTP server vulnerability (K000153074)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000153074 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the...
PT-2025-34534 · Undefined · Undefined
CVE-2025-57828 - Apache HTTP Server Unsecured Configuration CVE ID : CVE-2025-57828 Published : Aug. 21, 2025, 4:15 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-34335 · Undefined · Undefined
CVE-2025-57744 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57744 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33835 · Undefined · Undefined
CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution CVE ID : CVE-2025-57723 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...
PT-2025-33830 · Undefined · Undefined
CVE-2025-57718 - Apache HTTP Server SSRF CVE ID : CVE-2025-57718 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-34271 · Undefined · Undefined
CVE-2025-55153 - Apache HTTP Server XML Entity Injection CVE ID : CVE-2025-55153 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 59 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module
An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...
USN-6885-6 apache2 regression
USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...
Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities due to the included Apache HTTP Server
Summary There are multiple vulnerabilities in Apache HTTP Server which affect the IBM HTTP Server used by IBM WebSphere Application Server. Vulnerability Details CVEID:CVE-2024-43204 DESCRIPTION: SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to...
Linux Distros Unpatched Vulnerability : CVE-2025-53020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are...
K000152922: Apache HTTP server vulnerability CVE-2025-49630
Security Advisory Description In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in modproxyhttp2. Configurations affected are a reverse proxy is configured for an HTTP...
Security Bulletin: IBM HTTP Server is affected by a security bypass vulnerability due to the included Apache HTTP Server (CVE-2025-54090)
Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by a security bypass vulnerability due to the included Apache HTTP Server. This affects IBM HTTP Server with IFPH67153 installed. Vulnerability Details CVEID:CVE-2025-54090 DESCRIPTION: A bug in Apache HTTP Server 2.4.64...
Linux Distros Unpatched Vulnerability : CVE-2024-40725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. AddType a...
Linux Distros Unpatched Vulnerability : CVE-2024-43394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache...
Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64
...