11633 matches found
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a sensitive information exposure in Twisted [CVE-2024-41671]
Summary IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted, caused by a flaw in HTTP 1.0 and 1.1 server CVE-2024-41671. Twisted is used by our Speech Service runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation...
Apache HTTP Server Improper Escaping of Output Vulnerability
Apache HTTP Server contains an improper escaping of output vulnerability in modrewrite that allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code...
USN-7469-4: H2O vulnerability
USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for H2O. Original advisory details: It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to...
Advisory ROSA-SA-2025-2860
Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracle...
Advisory ROSA-SA-2025-2859
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracl...
Advisory ROSA-SA-2025-2855
Software: modhttp2 1.15.7 OS: ROSA Virtualization 3.0 packageevrstring: modhttp2-1.15.7-10.rv30.3 CVE-ID: CVE-2024-38477 BDU-ID: 2024-05195 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modproxy module of the Apache HTTP Server web server is related to an incorrect null pointer entry...
Advisory ROSA-SA-2025-2856
Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.0 packageevrstring: modauthopenidc-2.4.9.4-7.rv30 CVE-ID: CVE-2024-24814 BDU-ID: 2024-02794 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is associated...
Advisory ROSA-SA-2025-2852
Software: modhttp2 1.15.7 OS: ROSA Virtualization 2.1 packageevrstring: modhttp2-1.15.7-10.rv3.3 CVE-ID: CVE-2023-25690 BDU-ID: 2023-01738 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the modproxy module of the Apache HTTP Server web server is related to flaws in the handling of the...
Advisory ROSA-SA-2025-2851
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2023-27522 BDU-ID: 2023-02021 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modproxyuwsgi component of the Apache HTTP Server web server is related to flaws in HTTP request handling...
PT-2025-18237 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a denial of service. No further details are provided about the nature of the issue, affected devices, or real-world incidents. Recommendations: At the moment,...
PT-2025-18235 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a denial of service. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue w...
PT-2025-18239 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an unvalidated request parameter. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
PT-2025-18236 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an HTTP Header Injection in the Apache HTTP Server. No specific details about the number of potentially affected devices or real-world incidents are provided...
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2022-25690)
Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...
Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)
Summary IBM Rational Build Forge version 8.0.x is affected by CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452 Vulnerability Details CVEID:CVE-2021-31618 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of...
PT-2025-18348 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a Cross-Site Request Forgery in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-18349 · Undefined · Undefined
CVE-2018-13372 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2018-13372 Published : April 29, 2025, 3:15 a.m. | 1 hour, 29 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-18222 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a SQL injection problem. No specific details about affected devices or real-world incidents are provided. Recommendations: At the moment, there is no...
PT-2025-18221 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an authentication bypass in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...
PT-2025-18228 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a denial of service. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...