USN-8384-1 apache2 vulnerability

It was discovered that Apache HTTP Server incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause Apache HTTP Server to consume excessive resources, resulting in a denial of service...

PT-2026-46876

It was discovered that Apache HTTP Server incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause Apache HTTP Server to consume excessive resources, resulting in a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-48827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload- pack, git-receive-pack, and other git operations allows...

ALSA-2026:22551 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

Apache httpd -- DoS exploit in HTTP/2

Calif security reports: Remote DoS in modhttp2...

Exploit for CVE-2026-8732

CVE-2026-8732 - WP Maps Pro &checktemp=false' 3. Login via...

USN-8338-2: Apache HTTP Server regression

USN-8338-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression that prevented modhttp2 from loading on Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Apache HTTP Server incorrectly...

USN-8338-2 apache2 regression

USN-8338-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression that prevented modhttp2 from loading on Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Apache HTTP Server incorrectly...

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

PT-2026-44748

CVE-2026-8680 - Apache HTTP Server Remote Code Execution CVE ID :CVE-2026-8680 Published : May 26, 2026, 11:16 p.m. | 54 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as...

PT-2026-43619

Summary protobufjs could recurse without a depth limit while converting decoded messages to plain objects or JSON. This affected generated toObject conversion and the custom google.protobuf.Any JSON conversion path. A crafted protobuf binary payload containing deeply nested Any values could cause...

OPENSUSE-SU-2026:20810-1 Security update for apache2

This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server...

SUSE-SU-2026:21846-1 Security update for apache2

This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server...

PT-2026-44504

CVE-2026-43919 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID :CVE-2026-43919 Published : May 26, 2026, 3:16 p.m. | 53 minutes ago Description :Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-43918. Reason: This candidate is a duplicate of...

PT-2026-44505

CVE-2026-43919 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID :CVE-2026-43919 Published : May 26, 2026, 3:16 p.m. | 53 minutes ago Description :Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-43918. Reason: This candidate is a duplicate of...

PT-2026-44501

CVE-2026-42347 - Apache HTTP Server Authentication Bypass CVE ID :CVE-2026-42347 Published : May 26, 2026, 3:16 p.m. | 53 minutes ago Description :Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-28496. Reason: This candidate is a duplicate of CVE-2026-28496. Notes:...

Astra Linux - уязвимость в apache2

A properly crafted request URI-path can cause modproxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

Astra Linux - уязвимость в apache2

Apache HTTP Server versions 2.4.41 to 2.4.46 with modproxyhttp can become unstable when processing specially crafted requests that use both Content-Length and Transfer-Encoding headers. This can lead to a denial of service...

Astra Linux - уязвимость в apache2

Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Cookie header handled by modsession can lead to a NULL pointer derefrence error and system crash, potentially causing a Denial Of Service attack...

Astra Linux – Vulnerability in Apache2

In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted SessionHeader sent by an origin server could cause a heap overflow...