Lucene search
K

7 matches found

OSV
OSV
added 2026/06/20 6:57 a.m.6 views

SUSE-SU-2026:22199-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163. -...

9.8CVSS6.2AI score0.4581EPSS
Exploits18References23
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2026-1776)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1776 advisory. Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...

9.8CVSS6.5AI score0.01339EPSS
Exploits2References16
OSV
OSV
added 2026/05/28 2:2 p.m.11 views

CLSA-2026-1779968889 Fix of 7 CVEs

SECURITY UPDATE: Authentication Bypass in digest authentication - debian/patches/CVE-2026-43512.patch: reject digest authentication attempts for unknown users in getDigest - CVE-2026-43512 SECURITY UPDATE: Account lockout bypass in LockOutRealm via case variation of user names -...

9.8CVSS5.8AI score0.01339EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.24 views

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2026-1720)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1720 advisory. An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to...

9.8CVSS5.9AI score0.01325EPSS
Exploits2References22
OSV
OSV
added 2026/05/22 1:18 p.m.9 views

OESA-2026-2401 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to...

8.8CVSS5.8AI score0.00654EPSS
Exploits2References10
Cvelist
Cvelist
added 2026/05/12 3:24 p.m.114 views

CVE-2026-43512 Apache Tomcat: Digest authenticator will authenticate any unknown user

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported...

0.01233EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2026/05/06 7:55 p.m.16 views

USN-8239-1: Apache HTTP Server vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

9.8CVSS6.3AI score0.4581EPSS
Exploits18
Rows per page
Query Builder