CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2025/11/15 12:0 a.m.•2 views

PT-2025-47115

CVE-2025-65070 - Apache HTTP Server Unvalidated User Input Vulnerability CVE ID : CVE-2025-65070 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

6.3AI score

Positive Technologies•added 2025/11/15 12:0 a.m.•2 views

PT-2025-47097

CVE-2025-65065 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-65065 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/11/15 12:0 a.m.•3 views

PT-2025-47095

CVE-2025-1256 - CVE-2022-1234: Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-1256 Published : Nov. 14, 2025, 11:15 p.m. | 3 hours, 55 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...

8.8CVSS6.4AI score0.00122EPSS

Exploits1References1

Positive Technologies•added 2025/11/15 12:0 a.m.•3 views

PT-2025-47116

CVE-2025-65071 - Apache HTTP Server Unvalidated Request Parameter CVE ID : CVE-2025-65071 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.5AI score

Positive Technologies•added 2025/11/15 12:0 a.m.•3 views

PT-2025-47099

CVE-2025-65067 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-65067 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/11/14 12:0 a.m.•1 views

PT-2025-47092

CVE-2025-12187 - Apache HTTP Server Remote Code Execution Vulnerability CVE ID : CVE-2025-12187 Published : 2025年11月14日19:15 | 3時間, 53分 ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in...

6.9AI score

Tenable Nessus•added 2025/11/13 12:0 a.m.•4 views

Siemens SIMATIC S7-1500 URL Redirection to Untrusted Site (CVE-2021-28861)

Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states Warnin...

7.4CVSS6.7AI score0.01395EPSS

Exploits0References4

Tenable Nessus•added 2025/11/12 12:0 a.m.•3 views

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2395)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

7.5CVSS7.2AI score0.02675EPSS

Tenable Nessus•added 2025/11/12 12:0 a.m.•1 views

EulerOS 2.0 SP12 : mod_http2 (EulerOS-SA-2025-2335)

7.5CVSS7.2AI score0.02675EPSS

Tenable Nessus•added 2025/11/12 12:0 a.m.•2 views

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2359)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

7.5CVSS7.5AI score0.04473EPSS

Tenable Nessus•added 2025/11/12 12:0 a.m.•2 views

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2423)

7.5CVSS7.2AI score0.02675EPSS

Positive Technologies•added 2025/11/11 12:0 a.m.•3 views

PT-2025-46317

CVE-2025-12542 - CVE-2022-1234: Apache HTTP Server Unauthenticated Remote Code Execution CVE ID : CVE-2025-12542 Published : Nov. 10, 2025, 11:15 p.m. | 1 hour, 30 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 |...

8.8CVSS7.6AI score0.00122EPSS

Exploits1References1

OSV•added 2025/11/06 12:58 p.m.•1 views

BIT-GOLANG-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

5.3CVSS6.6AI score0.00041EPSS

Exploits0References6

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45535

CVE-2025-64476 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-64476 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45536

CVE-2025-64477 - Apache HTTP Server Unauthenticated Remote Command Execution CVE ID : CVE-2025-64477 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...

6.7AI score

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45537

CVE-2025-64478 - Apache HTTP Server Information Disclosure CVE ID : CVE-2025-64478 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.1AI score

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45538

CVE-2025-64479 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-64479 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45533

CVE-2025-64474 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-64474 Published : Nov. 6, 2025, 4:15 a.m. | 3 hours, 33 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...