TencentOS Server 3: tomcat (TSSA-2025:0984)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0984 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

MiracleLinux 4 : subversion-1.6.11-2.AXS4.2 (AXSA:2011-60:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-60:01 advisory. Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files an...

MiracleLinux 3 : httpd-2.2.3-63.1.0.1.AXS3 (AXSA:2012-267:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-267:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3607 Integer overflow i...

MiracleLinux 3 : subversion-1.6.11-7.AXS3.1 (AXSA:2011-46:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-46:01 advisory. Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files an...

MiracleLinux 3 : subversion-1.6.11-7.AXS3.4 (AXSA:2011-225:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-225:03 advisory. Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files a...

MiracleLinux 3 : httpd-2.2.3-22.1.1AXS3 (AXSA:2009-63:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-63:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Fixed bugs: CVE-2008-1678 Memory leak in the zlibstatefulinit function in...

MiracleLinux 4 : apr-1.3.9-3.2.0.2.AXS4 (AXSA:2011-669:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-669:02 advisory. The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many...

MiracleLinux 3 : httpd-2.2.3-53.3.0.1.AXS3 (AXSA:2011-346:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-346:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3368 The modproxy module in the...

MiracleLinux 4 : httpd-2.2.15-9.3.0.1.AXS4 (AXSA:2012-07:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-07:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3348 The modproxyajp...

CVE-2025-53477

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue...

Astra Linux – Vulnerability in Apache2

An integer overflow occurs when attempting to renew an ACME certificate. After several attempts approximately 30 days under default configurations, the backoff timer becomes 0. Subsequent attempts to renew the certificate are repeated without delay until success is achieved. This issue affects th...

Astra Linux – Vulnerability in Apache2

Apache HTTP Server 2.4.65 and earlier, with Server Side Includes SSI enabled and modcgid but not modcgi, pass the shell-escaped query string to the exec cmd="..." directives. This issue affects Apache HTTP Server versions prior to 2.4.66. Users are recommended to upgrade to version 2.4.66, which...

Astra Linux – Vulnerability in Apache2

A vulnerability in the Apache HTTP Server’s AllowOverride FileInfo directive allows for bypassing moduserdir+suexec. Users who have access to use the RequestHeader directive in htaccess can cause certain CGI scripts to run under an unexpected userid. This issue affects the Apache HTTP Server...

Astra Linux – Vulnerability in Apache2

Double-free operations and a potential RCE vulnerability exist in the Apache HTTP Server with the HTTP/2 protocol. This issue affects the Apache HTTP Server version 2.4.66. Users are recommended to upgrade to version 2.4.67, as this version fixes the vulnerability...

Security Bulletin: Due to use of Apache Commons Text, IBM Operations Analytics - Log Analysis is affected by Remote Code Execution Attacks

Summary Apache Commons Text in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the string manipulation and interpolation. CVE-2025-46295. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included interpolation features...

Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.13 / 11.0.x < 11.2.0 (JSDSERVER-16478)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16478 advisory. - Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 o...

MiracleLinux 7 : httpd-2.4.6-99.1.0.7.el7.AXS7 (AXSA:2025-9722:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9722:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security fixes: - CVE-2022-30522: fix possible DoS CVEs: CVE-2022-30522 If Apache...

RHEL 9 : pki-servlet-engine (RHSA-2026:0293)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0293 advisory. Tomcat is the servlet engine that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. T...

MiracleLinux 7 : httpd-2.4.6-99.1.0.8.el7.AXS7 (AXSA:2025-10561:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10561:05 advisory. CVE-2020-35452: modauthdigest: Fix single zero byte stack overflow CVE-2006-20001: moddav: out-of-bounds read/write CVEs: CVE-2020-35452 Apache HTT...

MiracleLinux 8 : httpd:2.4 (AXSA:2026-017:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-017:01 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...