Apache Fineract 安全漏洞

Apache Fineract is a set of open source digital financial services platform from the U.S. Apache Apache Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. Apache Fineract suffers from an...

tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

A XML External Entity XXE injection vulnerability was found in the Apache Tika framework's PDF parsing functionality. It could allow a remote, unauthenticated attacker to exploit the system by providing a specially crafted PDF containing an XFA XML Forms Architecture file. This flaw could lead to...

[SECURITY] Fedora 43 Update: httpd-2.4.66-1.fc43

The Apache HTTP Server is a powerful, efficient, and extensible web server...

Apache HTTP Server: mod_md (ACME), unintended retry intervals

...

Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

...

EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2025-2486)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

PT-2025-51041

CVE-2025-67512 - Apache Docker Privilege Escalation CVE ID : CVE-2025-67512 Published : Dec. 11, 2025, 12:16 a.m. | 1 hour, 2 minutes ago Description : Rejected reason: The vulnerability is dependency-based. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

PT-2025-51088

CVE-2025-67514 - Apache Tomcat Remote Code Execution CVE ID : CVE-2025-67514 Published : Dec. 11, 2025, 12:16 a.m. | 1 hour, 2 minutes ago Description : Rejected reason: Vulnerability is dependency-based. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

PT-2025-51122

CVE-2025-67690 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-67690 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51118

CVE-2025-67686 - Apache HTTP Server Command Injection CVE ID : CVE-2025-67686 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51120

CVE-2025-67688 - Apache HTTP Server Improper Input Validation CVE ID : CVE-2025-67688 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51124

CVE-2025-67692 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-67692 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-51125

CVE-2025-67693 - Apache Apache HTTP Server Missing Authentication for Configuration CVE ID : CVE-2025-67693 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

PT-2025-51036

CVE-2025-13923 - CVE-2022-3646: Apache Cassandra Remote Code Execution CVE ID : CVE-2025-13923 Published : Dec. 10, 2025, 11:15 p.m. | 2 hours, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link...

PT-2025-51119

CVE-2025-67687 - Apache Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-67687 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

RockyLinux 9 : tomcat (RLSA-2025:23049)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23049 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

PT-2025-51035

CVE-2025-12731 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-12731 Published : Dec. 10, 2025, 11:15 p.m. | 2 hours, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for...

PT-2025-51123

CVE-2025-67691 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-67691 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50605

Apache Struts 2 DoS Flaw CVE-2025-66675 Risks Server Crash via File Leak in Multipart Request Processing https://securityonline.info/apache-struts-2-dos-flaw-cve-2025-66775-risks-server-crash-via-file-leak-in-multipart-request-processing/...

Important Photon OS Security Update - PHSA-2025-5.0-0710

Updates of 'httpd', 'Linux-PAM' packages of Photon OS have been released...