Lucene search
K

988 matches found

EUVD
EUVD
added 2026/06/08 3:20 p.m.11 views

EUVD-2026-35097

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.7AI score0.00805EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/08 3:20 p.m.10 views

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.6AI score0.00805EPSS
Exploits0
EUVD
EUVD
added 2026/06/08 3:19 p.m.12 views

EUVD-2026-35095

Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

9.8CVSS5.4AI score0.00486EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:19 p.m.13 views

CVE-2026-44631

Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.4AI score0.00486EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/08 3:17 p.m.128 views

CVE-2026-44119 Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:12 p.m.9 views

CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.4AI score0.00682EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/08 3:12 p.m.10 views

CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS5.4AI score0.00682EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Apache HTTP Server 资源管理错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There was a resource management vulnerability in Apache HTTP Server versions 2.4.0 to 2.4.67...

9.8CVSS5.2AI score0.00663EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.14 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Apache HTTP Server versions 2.4.67 and earlier contain security vulnerabilities, which stem fro...

7.5CVSS5.4AI score0.00805EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.22 views

PT-2026-47320

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A heap-based buffer overflow occurs when processing untrusted content using the mod xml2enc module and the xml2StartParse function. A heap-based buffer overflow is a memory corruptio...

7.5CVSS6.1AI score0.0071EPSS
Exploits0References154
FreeBSD
FreeBSD
added 2026/06/08 12:0 a.m.23 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: See links for details...

9.8CVSS5.4AI score0.00805EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47313

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A Use After Free issue exists in Apache HTTP Server when using mod ldap in per-directory configuration. Use After Free occurs when an application continues to use a pointer after it...

9.8CVSS5.6AI score0.8377EPSS
Exploits10References135
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.26 views

PT-2026-47321

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description An out-of-bounds read occurs when using mod headers and mod mime in conjunction with multiple response languages. An out-of-bounds read is a condition where a program reads data past...

9.8CVSS5.3AI score0.41611EPSS
Exploits0References138
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47316

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A buffer overflow occurs in the mod proxy html module, which can be triggered by an untrusted backend. Recommendations Upgrade to version 2.4.68...

9.8CVSS5.7AI score0.00805EPSS
Exploits0References153
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47323

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A buffer over-read occurs during outbound OCSP Online Certificate Status Protocol requests sent to an attacker-controlled OCSP server. A buffer over-read is a condition where a syste...

7.5CVSS5.6AI score0.00805EPSS
Exploits0References154
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47324

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description The mod proxy ftp module contains a loop with an unreachable exit condition, leading to an infinite loop when interacting with an attacker-controlled backend FTP server...

9.8CVSS5.4AI score0.02134EPSS
Exploits1References133
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

FreeBSD : Apache httpd -- DoS exploit in HTTP/2 (0d6d9d9b-5feb-11f1-8607-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0d6d9d9b-5feb-11f1-8607-8447094a420f advisory. Calif security reports: Remote DoS in modhttp2 Tenable has extracted the preceding description block...

7.5CVSS5.4AI score0.11471EPSS
Exploits8References3
Ubuntu
Ubuntu
added 2026/06/04 12:29 p.m.17 views

USN-8384-1: Apache HTTP Server vulnerability

It was discovered that Apache HTTP Server incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause Apache HTTP Server to consume excessive resources, resulting in a denial of service...

7.5CVSS5.5AI score0.11471EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.10 views

RockyLinux 10 : httpd (RLSA-2026:21433)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21433 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read du...

9.8CVSS6.3AI score0.01325EPSS
Exploits0References11
OSV
OSV
added 2026/06/02 10:8 a.m.11 views

RHSA-2026:22140 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

8.2CVSS6.8AI score0.04409EPSS
Exploits1References28
Rows per page
Query Builder