PT-2025-52616

TRC analysis shows attackers chaining authentication bypass CVE-2025-67039 with OS command injection flaws to gain root access on Lantronix devices. Root compromise enables lateral movement across network infrastructure. Runtime segmentation helps contain post-compromise pivoting in critical...

PT-2025-52592

CVE-2025-68487 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68487 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-52617

CVE-2025-67048 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-67048 Published : Dec. 19, 2025, 4:15 p.m. | 2 hours, 8 minutes ago Description : Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-67039. Reason: This record is a reservation duplicate of...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2543)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-52594

CVE-2025-68488 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-68488 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-52605

An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...

PT-2025-52591

CVE-2025-68486 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-68486 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

python38:3.8 and python38-devel:3.8 security update

An update is available for module.python-psutil, python-packaging, module.Cython, module.python3x-setuptools, module.python-wcwidth, module.python-ply, python-psycopg2, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy,...

PT-2025-52512

CVE-2025-14319 - Here is the title: Apache HTTP Server NULL Pointer Dereference Vulnerability CVE ID : CVE-2025-14319 Published : Dec. 17, 2025, 11:15 p.m. | 53 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...

EulerOS Virtualization 2.13.1 : httpd (EulerOS-SA-2025-2543)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...

EulerOS Virtualization 2.13.1 : python3 (EulerOS-SA-2025-2560)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...

PT-2025-52409

CVE-2025-0852 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2025-0852 Published : Dec. 16, 2025, 10:15 p.m. | 1 hour, 44 minutes ago Description : Rejected reason: Voluntarily withdrawn Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline...

PT-2025-52482

CVE-2025-14828 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-14828 Published : Dec. 17, 2025, 7:16 p.m. | 48 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in th...

K000158206: Apache HTTP Server vulnerability CVE-2025-66200

Security Advisory Description moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2025-66200 DESCRIPTION: moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP...

CVE-2025-14654 Tenda AC20 httpd setPptpUserList formSetPPTPUserList stack-based overflow

A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The...

PT-2025-51262

CVE-2025-13832 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-13832 Published : Dec. 13, 2025, 11:15 p.m. | 22 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for mo...

Apache HTTP Server: mod_md (ACME), unintended retry intervals

...

PT-2025-51118

CVE-2025-67686 - Apache HTTP Server Command Injection CVE ID : CVE-2025-67686 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-51120

CVE-2025-67688 - Apache HTTP Server Improper Input Validation CVE ID : CVE-2025-67688 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...