CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11629 matches found

Positive Technologies•added 2025/09/24 12:0 a.m.•6 views

PT-2025-39492

CVE-2025-59925 - Apache HTTP Server SQL Injection CVE ID : CVE-2025-59925 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7.5AI score

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39494

CVE-2025-59927 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-59927 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

6.4AI score

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39490

CVE-2023-47538 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2023-47538 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.4AI score

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39495

CVE-2025-59928 - Apache HTTP Server SQL Injection CVE ID : CVE-2025-59928 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7.5AI score

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39491

CVE-2025-59924 - Apache HTTP Server Command Injection CVE ID : CVE-2025-59924 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.8AI score

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39524

CVE-2025-59929 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-59929 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.4AI score

Exploits0References1

GithubExploit•added 2025/09/21 3:21 a.m.•203 views

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

Cookiecutter POC Template A minimal Python cookiecutter templ...

6.4CVSS7.3AI score0.01593EPSS

Exploits12

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38642

CVE-2025-59672 - Apache HTTP Server Command Injection CVE ID : CVE-2025-59672 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.9AI score

Exploits0References1

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38641

CVE-2025-59671 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-59671 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

6.5AI score

Exploits0References1

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38652

CVE-2025-59676 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-59676 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.4AI score

Exploits0References1

OSSF Malicious Packages•added 2025/09/16 5:5 p.m.•3 views

Malicious code in @art-ws/http-server (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1148086ae7be1e10c209ad1d5b54d91c8c7c651b11f99c6d01b7f79a84118212 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score

Exploits0References6

OSV•added 2025/09/16 5:5 p.m.•3 views

MAL-2025-47379 Malicious code in @art-ws/http-server (npm)

7.1AI score

Exploits0References6

Snyk•added 2025/09/15 7:39 a.m.•2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score

Exploits0References2

Snyk•added 2025/09/15 7:39 a.m.•2 views

Embedded Malicious Code

9.8CVSS7AI score

Exploits0References2

vulnersOsv•added 2025/09/15 7:39 a.m.•4 views

@art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/fastify-http-server (>=2.0.15 <=2.0.23)

@art-ws/fastify-http-server NPM version =2.0.15, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSFASTIFYHTTPSERVER-12744474...

5.8AI score

Exploits0

Amazon•added 2025/09/15 12:0 a.m.•64 views

Medium: httpd

Issue Overview: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. CVE-2025-54090 Affected Packages: httpd Issue Correction: Run dnf update httpd --releasever 2023.8.202509...

6.3CVSS6.9AI score0.00662EPSS

Exploits0

Gitee•added 2025/09/13 5:41 p.m.•82 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773, a remote code execution vulnerability in Apache HTTP Server versions 2.4.49 and 2.4.50. The exploit targets the CGI enabled feature of these versions, allowing an attacker to execute arbitrary code on the server. The exploit is written in Python and uses...

7.5CVSS8.7AI score0.99992EPSS

Exploits145

Tenable Nessus•added 2025/09/10 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-23797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is. CVE-2021-23797 Note that Nessus relies on the presence o...

9.8CVSS7.3AI score0.01704EPSS

Exploits1References2

Tenable Nessus•added 2025/09/10 12:0 a.m.•7 views

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2025-2071)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3...

9.1CVSS7.6AI score0.0097EPSS

Exploits1References3

RedHat Linux•added 2025/09/08 7:4 p.m.•6 views

httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption

An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some modssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if...

9.1CVSS5.7AI score0.0097EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by