Linux Distros Unpatched Vulnerability : CVE-2007-0086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service network bandwidth...

Linux Distros Unpatched Vulnerability : CVE-2003-1307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The modphp module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the...

Linux Distros Unpatched Vulnerability : CVE-2007-1743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other...

K000153074: Apache HTTP server vulnerability CVE-2024-42516

Security Advisory Description HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the...

PT-2025-34070 · Undefined · Undefined

🔥 Critical & High-Severity CVEs 1. CVE-2025-27461 — Ivanti Connect Secure / Policy Secure Auth Bypass → RCE Severity: Critical 9.8 Vector: Exploitable over the internet; bypasses auth → remote code execution. Why it matters: Actively exploited by ransomware crews; initial access vector. Defender...

Linux Distros Unpatched Vulnerability : CVE-2022-23527

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modauthopenidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open...

Linux Distros Unpatched Vulnerability : CVE-2021-32785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users...

USN-7639-2: Apache HTTP Server vulnerabilities

USN-7639-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and addressed a regression fix LP: 2119395. CVE-2025-49630 and CVE-2025-53020 only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original...

PT-2025-33831 · Undefined · Undefined

CVE-2025-57719 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57719 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-33829 · Undefined · Undefined

CVE-2025-57717 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57717 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Linux Distros Unpatched Vulnerability : CVE-2025-54090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in Apache HTTP Server 2.4.64 results in all RewriteCond expr ... tests evaluating as true. Users are recommended to upgrade to version 2.4.65, which fixes...

PT-2025-33616 · Undefined · Undefined

CVE-2025-55726 - Apache Server Cross-Site Request Forgery CVE ID : CVE-2025-55726 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Linux Distros Unpatched Vulnerability : CVE-2022-37436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into...

httpd: insufficient escaping of user-supplied data in mod_ssl

A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...

httpd: HTTP Session Hijack via a TLS upgrade

An HTTP session hijacking flaw was found in Apache httpd. In some modssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade...

httpd: insufficient escaping of user-supplied data in mod_ssl

A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...

httpd: HTTP Session Hijack via a TLS upgrade

An HTTP session hijacking flaw was found in Apache httpd. In some modssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade...

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 (RHSA-2025:13680)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13680 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTT...

USN-6885-6: Apache HTTP Server regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

TencentOS Server 2: httpd (TSSA-2025:0526)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0526 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...