CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11607 matches found

Positive Technologies•added 2026/02/13 12:0 a.m.•3 views

PT-2026-8256

CVE-2025-35961 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-35961 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the link f...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•3 views

PT-2026-8281

CVE-2025-68128 - Apache HTTP Server Information Disclosure CVE ID : CVE-2025-68128 Published : Feb. 13, 2026, 9:16 p.m. | 2 hours, 19 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/13 12:0 a.m.•4 views

PT-2026-8262

CVE-2025-36523 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-36523 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the link f...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-8172

CVE-2026-26090 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26090 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•1 views

PT-2026-8169

CVE-2026-26087 - Apache HTTP Server Unvalidated Request Parameter CVE ID : CVE-2026-26087 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-8104

CVE-2026-26086 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26086 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-8171

CVE-2026-26089 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2026-26089 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-8103

CVE-2026-26085 - Apache HTTP Server Information Disclosure CVE ID : CVE-2026-26085 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-8174

CVE-2026-26092 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26092 Published : Feb. 12, 2026, 5:17 a.m. | 2 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.5AI score

Exploits0References1

Snyk•added 2026/02/11 7:49 p.m.•4 views

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the registerHTTPServer function. An attacker can gain full access to sensitive configuration data, manipulate or delete collections, manage user credentials, shut down services, and write...

9.8CVSS5.8AI score0.15051EPSS

Exploits1References4

GithubExploit•added 2026/02/11 8:18 a.m.•134 views

Exploit for Path Traversal in Apache Http_Server

PoC-Apa...

7.5CVSS5.4AI score0.94391EPSS

Exploits145

Positive Technologies•added 2026/02/11 12:0 a.m.•3 views

PT-2026-7981

CVE-2026-26043 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-26043 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.5AI score

Exploits0References1

Tenable Nessus•added 2026/02/11 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005337 advisory. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause...

5.4CVSS5.6AI score0.00041EPSS

Exploits0References4

Positive Technologies•added 2026/02/11 12:0 a.m.•2 views

PT-2026-7976

CVE-2026-26038 - Apache HTTP Server Denial of Service CVE ID : CVE-2026-26038 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Exploits0References1

Positive Technologies•added 2026/02/11 12:0 a.m.•5 views

PT-2026-7978

CVE-2026-26040 - Apache HTTP Server SQL Injection CVE ID : CVE-2026-26040 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.8AI score

Exploits0References1

Positive Technologies•added 2026/02/11 12:0 a.m.•3 views

PT-2026-7975

CVE-2026-26037 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2026-26037 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.6AI score

Exploits0References1

Tenable Nessus•added 2026/02/11 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005340 advisory. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration...

6.5CVSS5.6AI score0.00145EPSS

Exploits0References4

Positive Technologies•added 2026/02/11 12:0 a.m.•2 views

PT-2026-7980

CVE-2026-26042 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2026-26042 Published : Feb. 11, 2026, 5:16 a.m. | 2 hours, 4 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Exploits0References1

OSV•added 2026/02/10 12:25 a.m.•6 views

GHSA-8GRV-JQ2G-CFHW amphp/http-server affected by HTTP/2 DDoS vulnerability

Versions of amphp/http-server prior to 3.4.4 for the 3.x release branch and prior to 2.1.10 for the 2.x release branch are vulnerable to the HTTP/2 "MadeYouReset" DoS attack described by CVE-2025-8671 and https://kb.cert.org/vuls/id/767506. In versions 3.4.4 and 2.1.10, stream reset protection ha...

5.3CVSS5.4AI score

Exploits0References4

Github Security Blog•added 2026/02/10 12:25 a.m.•13 views

amphp/http-server affected by HTTP/2 DDoS vulnerability

7.5CVSS5.4AI score0.03274EPSS

Exploits3References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by