macOS 14.x < 14.8.5 Multiple Vulnerabilities (126796)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.8.5. It is, therefore, affected by multiple vulnerabilities: - A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A...

EUVD-2000-1190

Malware in sbrugna...

EUVD-2001-0131

Malware in sbrugna...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2025:02684-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02684-1 advisory. - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when...

apache2-2.4.64-1.1 on GA media (moderate)

apache2-2.4.64-1.1 on GA media Announcement ID: openSUSE-SU-2025:15360-1 Rating: moderate Cross-References: CVE-2024-42516 CVE-2024-43204 CVE-2024-43394 CVE-2024-47252 CVE-2025-23048 CVE-2025-49630 CVE-2025-49812 CVE-2025-53020 CVSS scores: CVE-2024-42516 SUSE : 4...

Apache 2.4.x < 2.4.64 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.64. It is, therefore, affected by multiple vulnerabilities: - HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...

JVN#09924566: Denial-of-service (DoS) vulnerabilities in multiple Apache products

Multiple Apache products provided by The Apache Software Foundation contain vulnerabilities listed below. Allocation of resources without limits or throttling CWE-770 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base...

[SECURITY] [DSA 5940-1] modsecurity-apache security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5940-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2025 https://www.debian.org/security/faq -...

Alibaba Cloud Linux 3 : 0155: httpd:2.4 (ALINUX3-SA-2024:0155)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0155 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-38709: Faulty input validation in...

GHSA-F45G-HJ72-H8M6 vulnerabilities

Vulnerabilities for packages: apache2...

Photon OS 5.0: Apache PHSA-2025-5.0-0445

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0445. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

USN-6885-3 apache2 vulnerabilities

USN-6885-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A remote attacker...

Ubuntu: Security Advisory (USN-6729-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in Apache Tomcat, Apache Commons FileUpload and Apache Axis might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Apache Tomcat, Apache Commons FileUpload, and Apache Axis. A remote attacker could exploit these vulnerabilities to cause a denial of service condition, to obtain a session cookie, sensitive and Http11Processor instanc...

[R1] Stand-alone Security Patch Available for Tenable Security Center versions 5.23.1, 6.0.0, 6.1.0, 6.1.1, and 6.2.0: SC-202312.1

R1 Stand-alone Security Patch Available for Tenable Security Center versions 5.23.1, 6.0.0, 6.1.0, 6.1.1, and 6.2.0: SC-202312.1 Arnie Cabral Thu, 12/14/2023 - 10:41 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components Apache w...

Apache vulnerability CVE-2006-20001 CVE-2022-36760  CVE-2022-37436 in License Server version 11.17.2

Apache/2.4.54 contains vulnerabilities and is used in the Citrix License Server version 11.17.2 build 41000. Security scans may raise the following CVEs: CVE-2006-20001 CVE-2022-36760 CVE-2022-37436...

Security Bulletin: IBM App Connect for Healthcare is affected by multiple Apache vulnerabilities

Summary IBM App Connect for Healthcare has multiple vulnerabilities. CVE-2014-0107, CVE-2022-34169, CVE-2013-0248, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2186, CVE-2012-5783, CVE-2021-29425, CVE-2023-24998, IBM X-FORCE ID 220723. The fix provided resolves these issues...

Apache 2.4.x < 2.4.55 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.55. It is, therefore, affected by multiple vulnerabilities: - A crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header valu...

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch 202206.1

R1 Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch 202206.1 Arnie Cabral Thu, 06/30/2022 - 11:05 Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components Apache was found to contain vulnerabilities,...

Vulnerabilities fixed in Apache HTTP Server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Apache has released...