Linux Distros Unpatched Vulnerability : CVE-2026-33007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a...

[R2] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2

R2 Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2 Arnie Cabral Tue, 02/17/2026 - 08:32 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-65082)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65082 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-55753)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-55753 advisory. - An integer overflow in the case of failed ACME certificate renewal leads, after a number of...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-55753)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-55753 advisory. - An integer overflow in the case of failed ACME certificate renewal leads, after a number of...

MiracleLinux 7 : httpd-2.4.6-99.1.0.3.el7.AXS7 (AXSA:2024-8720:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8720:05 advisory. CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2025-66200 DESCRIPTION: moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP...

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2025-2262)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

Security Bulletin:IBM HTTP Server shipped with IBM OpenPages is vulnerable to multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server, that is shipped as a supporting program of IBM OpenPages. Information about multiple vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. These products have addressed the applicable CVEs. For a...

OESA-2025-2172 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP respons...

[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1

R1 Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1 Arnie Cabral Thu, 08/28/2025 - 11:18 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components Apache, PHP, sqlit...

Azure Linux 3.0 Security Update: httpd (CVE-2025-54090)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-54090 advisory. - A bug in Apache HTTP Server 2.4.64 results in all RewriteCond expr ... tests evaluating as true. Users are...

SUSE CVE-2024-38472

SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...

[R1] Tenable.sc 5.20.0 Fixes Multiple Vulnerabilities

R1 Tenable.sc 5.20.0 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 01/05/2022 - 10:46 Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An...

Apache mod_include privilege escalation

The remote web server appears to be running a version of Apache that is older than version 1.3.33. This version is vulnerable to a local buffer overflow in the gettag function of the module 'modinclude' when a specially crafted document with malformed server-side includes is requested though an...

[slackware-security] apache, mod_ssl, php

New apache and modssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. Apache has been upgraded to version 1.3.32 which fixes a heap-based buffer overflow in modproxy. modssl was upgraded from version modssl-2.8.19-1.3.31 to version 2.8.21-1.3.32 whic...

DSA-558-1 libapache-mod-dav - null pointer dereference

Bulletin has no description...

PT-2004-1858 · Apache · Apache +2

Name of the Vulnerable Software and Affected Versions: Apache versions prior to 2.0.51 Description: The issue is related to the IPv6 URI parsing routines in the apr-util library, which can be exploited by remote attackers to cause a denial of service, specifically a child process crash, by sendin...

mod_ssl ssl_util_uuencode_binary Remote Overflow

The remote host is using a version of modssl that is older than 2.8.18. This version is vulnerable to a flaw that could allow an attacker to disable the remote website remotely, or to execute arbitrary code on the remote host. Note that several Linux distributions patched the old version of this...

Multiple security vulnerabilities in Apache 2

Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description Thre...