Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61164 matches found

Positive Technologies
Positive Technologiesadded 2026/01/07 12:0 a.m.3 views

PT-2026-2157

CVE-2026-22162 - Apache Struts Command Injection CVE ID : CVE-2026-22162 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/07 12:0 a.m.5 views

PT-2026-2154

CVE-2026-22159 - Apache HTTP Server HTTP Request Smuggling CVE ID : CVE-2026-22159 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/07 12:0 a.m.3 views

PT-2026-2152

CVE-2026-22157 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2026-22157 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

7.5AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/07 12:0 a.m.2 views

PT-2026-2156

CVE-2026-22161 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-22161 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

7AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/07 12:0 a.m.4 views

PT-2026-2153

CVE-2026-22158 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-22158 Published : Jan. 7, 2026, 12:17 p.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score
Exploits0References1
Amazon
Amazonadded 2026/01/07 12:0 a.m.73 views

Important: httpd

Issue Overview: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Serv...

8.3CVSS6.7AI score0.015EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/01/07 12:0 a.m.9 views

Atlassian Confluence < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101788)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101788 advisory. - Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an...

9.8CVSS7.8AI score0.79807EPSS
Exploits5References2
Tenable Nessus
Tenable Nessusadded 2026/01/07 12:0 a.m.8 views

Atlassian Jira Service Management Data Center and Server < 10.3.15 / 11.0.x < 11.2.1 (JSDSERVER-16477)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16477 advisory. - Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers...

9.8CVSS7.8AI score0.79807EPSS
Exploits6References2
Tenable Nessus
Tenable Nessusadded 2026/01/07 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-000182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000182 advisory. The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using...

5.3CVSS7.1AI score0.04398EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/01/06 9:28 p.m.3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.015EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/01/06 5:34 p.m.3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.015EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/01/06 5:34 p.m.5 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.3CVSS7.2AI score0.015EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/01/06 3:44 p.m.8 views

Security Bulletin: Due to use of Apache Kafka, IBM Operations Analytics - Log Analysis is affected by remote code execution and denial of service.

Summary Apache Kafka in Logstash is used by IBM Operations Analytics - Log Analysis for high-throughput, fault-tolerant, and scalable data processing. CVE-2025-27819, CVE-2025-27818. Vulnerability Details CVEID:CVE-2025-27819 DESCRIPTION: In CVE-2023-25194, we announced the RCE/Denial of service...

8.8CVSS6.6AI score0.00871EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/01/06 3:28 p.m.5 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by incorrect authorisation and XML external entity (XXE) vulnerabilities due to Apache Solr.

Summary Apache Solr is used by IBM Operations Analytics - Log Analysis as part of managing Solr collection and arbitary local file. CVE-2018-11802, CVE-2018-1308. Vulnerability Details CVEID:CVE-2018-11802 DESCRIPTION: In Apache Solr, the cluster can be partitioned into multiple collections and...

7.5CVSS6.3AI score0.20937EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linuxadded 2026/01/06 3:24 p.m.2 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.015EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/01/06 3:24 p.m.7 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.3CVSS7.2AI score0.015EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/06 2:5 p.m.4 views

CVE-2025-68280

Improper Restriction of XML External Entity Reference vulnerability in Apache SIS. It is possible to write XML files in such a way that, when parsed by Apache SIS, an XML file reveals to the attacker the content of a local file on the server running Apache SIS. This vulnerability impacts the...

6.5CVSS6.6AI score0.00582EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/01/06 12:1 p.m.6 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by improper access control and integer truncation issues due to flaw in Apache Xalan

Summary Apache Xalan in Logstash is used by IBM Operations Analytics - Log Analysis as part of the data transformation and integration. CVE-2014-0107, CVE-2022-34169. Vulnerability Details CVEID:CVE-2014-0107 DESCRIPTION: The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly...

7.5CVSS9.6AI score0.17342EPSS
Exploits4Affected Software1
OSV
OSVadded 2026/01/06 10:9 a.m.4 views

RHSA-2026:0095 Red Hat Security Advisory: httpd security update

Bulletin has no description...

7.1CVSS6.6AI score0.015EPSS
Exploits0References8
OSV
OSVadded 2026/01/06 10:9 a.m.4 views

RHSA-2026:0090 Red Hat Security Advisory: httpd security update

Bulletin has no description...

7.1CVSS6.6AI score0.015EPSS
Exploits0References8
Rows per page
Query Builder