PT-2026-30480

VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the mtu eth0 parameter. Attackers can send POST requests to the changeip.php endpoint with malicious payload in the mtu eth0 field t...

Linux Distros Unpatched Vulnerability : CVE-2025-58136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 throug...

Linux Distros Unpatched Vulnerability : CVE-2025-65114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0...

CVE-2025-58136

A flaw was found in Apache Traffic Server. A remote attacker can exploit a bug in the POST request handling mechanism, which, under certain conditions, causes the server to crash. This vulnerability can lead to a Denial of Service DoS, making the affected service unavailable to legitimate users...

CVE-2025-65114

A flaw was found in Apache Traffic Server. This vulnerability allows a remote attacker to perform request smuggling by sending malformed chunked messages. Request smuggling can lead to bypassing security controls and potentially unauthorized access to sensitive information or services. Mitigation...

Security Bulletin: Due to use of Apache Commons Lang, IBM Operations Analytics - Log Analysis is affected by Uncontrolled Recursion Vulnerability

Summary Apache Commons Lang in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the core utility such as string manipulation, object utilities, and class utilities. CVE-2025-48924. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerabilit...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache Tika

Summary Multiple vulnerabilities in Apache Tika that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2025-54988 DESCRIPTION: Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an...

Exploit for Server-Side Request Forgery in Apache Cxf

DevArea SOAP Exploitation Tool CVE-2022-46364 Descripti...

Exploit for Code Injection in Apache Ranger

CVE-2025-59059: Misattributed RCE in Apache Ranger a correcti...

KLA90975 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve...

EUVD-2025-209190

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

EUVD-2025-209188

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

DEBIAN-CVE-2025-65114

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

DEBIAN-CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

CVE-2025-65114

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

UBUNTU-CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

K000159875: Apache HTTP Server vulnerability CVE-2025-65082

Security Advisory Description Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HT...

CVE-2025-65114 Apache Traffic Server: Malformed chunked message body allows request smuggling

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...

CVE-2025-65114

Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue...