AlmaLinux 9 : httpd (ALSA-2026:21391)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21391 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due ...

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

EUVD-2026-31904

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modmemcache, which may lead to denial-of-service attacks...

EUVD-2026-26963

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

Datapizza AI 代码问题漏洞

Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains code vulnerabilities. These vulnerabilities stem from incorrect operations on the function RedisCache in the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.p...

com.qwlabs.doraemon:feature-flags (>=0.2.239 <=0.2.256), com.qwlabs.doraemon:q-api (>=0.2.239 <=0.2.256) +8 more potentially affected by CVE-2023-6393 via io.quarkus:quarkus-cache (>=3.2.0.CR1 <=3.2.8.Final)

io.quarkus:quarkus-cache MAVEN version =3.2.0.CR1, =0.2.239, =0.2.239, =0.2.239, =0.2.239, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =2.0.17, =2.1.0-BETA-7 Source cves: CVE-2023-6393 Source advisory: OSV:GHSA-XFV5-JQGP-VQHJ...

CVE-2023-1478

The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...

CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal

The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module...

antSword

This is a comprehensive analysis of the provided code and metadata from the AntSword repository. Classification: Exploit module/toolkit targeting web applications Primary CVE ID: Not specified Target product/service or framework: Web applications Vulnerability class/vector: Not specified Probable...

httpd: NULL pointer dereference in mod_cache if Content-Type has empty value

A NULL pointer dereference flaw was found in the way the modcache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled...

CentOS 6 : freeradius (CESA-2015:1287)

Updated freeradius packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

httpd: NULL pointer dereference in mod_cache if Content-Type has empty value

A NULL pointer dereference flaw was found in the way the modcache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled...

CVE-2014-3581

The cachemergeheadersout function in modules/cache/cacheutil.c in the modcache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty HTTP Content-Type header...

Null pointer dereference

The cacheinvalidate function in modules/cache/cachestorage.c in the modcache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service NULL pointer dereference and daemon crash via vectors that trigger a missing hostna...

mod_dav: DoS (httpd child process crash) by parsing URI structure with missing path segments

The 1 modcache and 2 moddav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service process crash via a request that lacks a path...

CVE-2007-1863

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...