992 matches found
CVE-2026-34059
Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
CVE-2026-24072
An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
Apache HTTP Server 安全漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Version 2.4.66 of Apache HTTP Server contains a security vulnerability, which stems from a timi...
Apache HTTP Server 代码问题漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.66 and earlier have code vulnerabilities due to a null point...
PT-2026-36747
CVE-2025-12993 - Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID :CVE-2025-12993 Published : May 1, 2026, 9:16 p.m. | 54 minutes ago Description :Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67968. Reason: This candidate is a reservation duplicate of...
Exploit for Improper Resource Shutdown or Release in Apache Http_Server
No d...
Exploit for Path Traversal in Apache Http_Server
🚀 AutoReconAI – Intelligent Vulnerability Scanner & Exploit Re...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 — Apache HTTP Server 2.4.49 Path Traversal / RC...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1609)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2026-1609)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...
Exploit for Path Traversal in Apache Http_Server
exploitApac...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-006142)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006142 advisory. An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming...
OESA-2026-1528 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...
PT-2026-23747
🚨 CYBERDUDEBIVASH SENTINEL APEX ALERT 🚨 Threat: CVE-2022-4947 - Apache Web Server Remote Code Execution Vulnerability Intel Report: https://t.co/hceE9OcILS...
Astra Linux – Vulnerability in Apache2
Improper neutralization of vulnerabilities related to escape, meta, or control sequences in the Apache HTTP Server, caused by unexpected overrides of variables calculated by the server for CGI programs, through environment variables set via Apache configuration. This issue affects the Apache HTTP...
Exploit for Path Traversal in Apache Http_Server
🕵️ HACKNET v2.4.1 —...
PT-2026-36802
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description An improper null termination leads to an out-of-bounds read in the mod proxy ajp module. Specifically, the ajp msg get string function fails to perform a null-termination check, which may...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP3 (RHSA-2026:2994)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2994 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals
An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...
httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
A permissions bypass flaw has been discovered in the apache HTTP server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid...