1187 matches found
PT-2026-7824
CVE-2026-25977 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25977 Published : 2026年2月10日 05:16 | 1 小时,59 分钟 ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-6953
CVE-2026-25696 - Apache HTTP Server Command Injection CVE ID : CVE-2026-25696 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Integer Overflow
Apache HTTP Server is vulnerable to an integer overflow. The vulnerability is due to an integer overflow in the ACME certificate renewal backoff logic after repeated renewal failures, which allows an attacker or misconfiguration to trigger continuous, delay-free renewal attempts...
Server-Side Request Forgery (SSRF)
Apache HTTP Server is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper handling of encoded and merged slashes when AllowEncodedSlashes is enabled and MergeSlashes is disabled on Windows, which allows an attacker to exploit crafted requests or malicious content ...
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...
Advisory ROSA-SA-2026-3115
software: apache 2.4.66 OS: ROSA-CHROME unaffected versions = apache-2.4.66-1 affected versions apache-2.4.66-1 CVE-ID: CVE-2025-66200 BDU-ID: 2025-15638 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the moduserdir module of the Apache HTTP Server web server involves bypassing the authentication...
PT-2026-4607
CVE-2023-32718 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2023-32718 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, such as CVSS...
PT-2026-4623
CVE-2024-45742 - Apache HTTP Server SQL Injection CVE ID : CVE-2024-45742 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, such as CVSS details...
PT-2026-4618
CVE-2024-45726 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2024-45726 Published : Jan. 22, 2026, 10:16 a.m. | 50 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. Severity: 0.0 | NA Visit the link for more details, such as CVSS...
ROS-20260122-73-0026
Apache HTTP Server vulnerability is related to insufficient server-side request validation. Exploitation of the vulnerability could allow a remote attacker to gain access to NTLM hashes by sending specially crafted requests...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-58098)
The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-58098 advisory. - Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but no...
CLSA-2026-1769014791 httpd: Fix of 2 CVEs
CVE-2025-66200: don't use request notes for suexec, stop accepting the obscure "note" option in RequestHeader - CVE-2025-65082: fix precedence of envvars from HTTP headers and Apache configuration...
PT-2026-4335
CVE-2026-23914 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-23914 Published : Jan. 20, 2026, 5:16 a.m. | 1 hour, 29 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-4334
CVE-2026-23913 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-23913 Published : Jan. 20, 2026, 5:16 a.m. | 1 hour, 29 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
MiracleLinux 7 : httpd-2.4.6-99.1.0.4.el7.AXS7 (AXSA:2024-8819:06)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8819:06 advisory. CVE-2023-38709: faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses...
Exploit for Path Traversal in Apache Http_Server
🛑 CVE-2021-41773 Checker CVE-2021-41773 Checker is a Python-b...
MiracleLinux 4 : php55-php-5.5.21-5.AXS4 (AXSA:2016-625:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-625:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...
MiracleLinux 3 : httpd-2.2.3-82.0.1.AXS3 (AXSA:2013-624:04)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-624:04 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2013-1896 moddav.c in the Apache HTTP...
MiracleLinux 4 : httpd-2.2.15-31.0.1.AXS4 (AXSA:2014-468:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-468:02 advisory. Description : The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2014-0118 The...
MiracleLinux 4 : httpd-2.2.15-29.0.1.AXS4 (AXSA:2013-627:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-627:04 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2013-1896 moddav.c in the Apache HTTP...