SUSE-SU-2026:20081-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

EUVD-2003-1128

Malware in sbrugna...

EUVD-2003-0536

Malware in sbrugna...

EUVD-2005-0183

Malware in sbrugna...

EUVD-2004-1080

Malware in sbrugna...

EUVD-2003-0780

Malware in sbrugna...

EUVD-2004-1827

Malware in sbrugna...

EUVD-2000-0900

Malware in sbrugna...

EUVD-2006-1083

Malware in sbrugna...

Apache 2.4.64 RewriteCond expr Vulnerability

According to its banner, the version of Apache running on the remote host is 2.4.64. It is, therefore, affected by a bug which results in all "RewriteCond expr ..." tests evaluating as "true". Note that the scanner has not tested for these issues but has instead relied only on the application's...

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: CVE-2025-47947: Fixed denial of service through sanitiseMatchedBytes bsc1243978. CVE-2025-48866: Fixed denial of service via excessive number of arguments in sanitiseArg bsc1243976. Patch Instructions: To install this SUSE update us...

DSA-5940-1 modsecurity-apache - security update

Bulletin has no description...

PT-2025-23098 · Apache +2 · Apache +2

Name of the Vulnerable Software and Affected Versions: Mautic affected versions not specified Description: The issue concerns the potential exposure of sensitive information, including database credentials, API keys, and other critical system configurations, due to the direct accessibility of .en...

Photon OS 5.0: Apache PHSA-2025-5.0-0519

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0519. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Imperva Protects Against the Apache Camel Vulnerabilities

Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via miscased headers. Although rated as moderate, this vulnerability...

Photon OS 5.0: Apache PHSA-2024-5.0-0422

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0422. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE

...

Recently-patched Apache Struts vulnerability used in worldwide attacks

Attackers are exploiting a critical vulnerability in Apache Struts 2 that was patched recently. Struts is a very popular open source platform to develop applications and websites. On December 7, 2023, Apache announced versions 6.3.0.2 and 2.5.33 of Struts were now available to address a potential...