Linux Distros Unpatched Vulnerability : CVE-2011-4415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, does no...

Linux Distros Unpatched Vulnerability : CVE-2007-6750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris,...

Linux Distros Unpatched Vulnerability : CVE-2011-3607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module...

Linux Distros Unpatched Vulnerability : CVE-2003-1418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode numbe...

Linux Distros Unpatched Vulnerability : CVE-2010-2068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain...

Linux Distros Unpatched Vulnerability : CVE-2011-3192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2011-2767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation...

Linux Distros Unpatched Vulnerability : CVE-2011-3639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The modproxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly...

Linux Distros Unpatched Vulnerability : CVE-2010-1452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 modcache and 2 moddav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service process crash via a reques...

2.4 bug fix and enhancement update

An update is available for module.modmd, module.modhttp2, modhttp2, httpd, modmd, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2025-047)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.12.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-047 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError...

SUSE CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

Azure Linux 3.0 Security Update: httpd (CVE-2023-38709)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38709 advisory. - Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to...

Azure Linux 3.0 Security Update: httpd (CVE-2024-40725)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40725 advisory. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy...

Azure Linux 3.0 Security Update: httpd (CVE-2024-39884)

The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39884 advisory. - A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based...

CVE-2022-46157

Akeneo PIM is an open source Product Information Management PIM. Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions...

Security Bulletin: Vulnerability with Eclipse Jetty, e2fsprogs, dnsjava , Apache Commons IO, Apache HTTP Server and Java SE affect IBM Cloud Object Storage Systems (Dec 2024)

Summary Vulnerability with Eclipse Jetty CVE-2024-9823, CVE-2024-6763, CVE-2024-8184, e2fsprogs CVE-2022-1304 dnsjava CVE-2024-25638, Apache Commons IO. CVE-2024-47554 , Apache HTTP ServerCVE-2024-40725 and Java SE CVE-2024-21217,CVE-2024-21235, CVE-2024-21210. This vulnerability has been address...

Exploit for Path Traversal in Apache Http_Server

SSH Key and RCE PoC for CVE-2021-41773 This repository contai...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a denial of service CVE-2024-38477

Summary Apache HTTP Server is used by the IBM Datapower Operations Dashboard implementation of network operations Vulnerability Details CVEID:CVE-2024-38477 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in modproxy. By sending a...

Security Bulletin: A vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest due to the included Apache HTTP Server (CVE-2024-40898, CVE-2024-40725)

Summary IBM HTTP Server IHS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...