11613 matches found
PT-2025-53398
CVE-2023-5094 - Apache HTTP Server Denial of Service CVE ID : CVE-2023-5094 Published : Dec. 23, 2025, 2:16 p.m. | 42 minutes ago Description : Rejected reason: This CVE id was assigned to an issue which was later deemed not security relevant. Severity: 0.0 | NA Visit the link for more details,...
PT-2025-53400
CVE-2025-48863 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-48863 Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...
PT-2025-53401
CVE-2025-48864 - Apache HTTP Server Cross-Site Scripting CVE ID : CVE-2025-48864 Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details,...
RockyLinux 9 : httpd (RLSA-2025:23919)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23919 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileIn...
httpd: Apache HTTP Server: CGI environment variable override
A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd:2.4 security update
An update is available for module.modhttp2, module.modmd, modmd, httpd, modhttp2, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...
CVE-2025-11545
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions...
httpd: Apache HTTP Server: CGI environment variable override
A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Oracle Linux 10 : mod_md (ELSA-2025-23738)
The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-23738 advisory. 1:2.4.26-4 - Resolves: RHEL-134483 - httpd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 Tenable has extracted the preceding...
httpd security update
2.4.62-7.0.1.3 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-7.3 - Resolves: RHEL-135063 - httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 - Resolves: RHEL-135048 - httpd: Apache HTTP Server: CGI environment variable override...
RHEL 10 : httpd (RHSA-2025:23932)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23932 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...
Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...
PT-2025-52590
CVE-2025-68485 - Apache HTTP Server Code Injection Vulnerability CVE ID : CVE-2025-68485 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52596
CVE-2025-68490 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68490 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-52597
CVE-2025-68491 - Apache HTTP Server Buffer Overflow Vulnerability CVE ID : CVE-2025-68491 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...
PT-2025-52607
CVE-2025-67045 - Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID : CVE-2025-67045 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67041. Reason: This record is a reservation duplicate of...
PT-2025-52606
CVE-2025-67044 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-67044 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67035. Reason: This record is a reservation duplicate of...