Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : httpd24-httpd-2.4.25-9.AXS4.1 (AXSA:2017-2175:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2175:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

9.8CVSS7.3AI score0.64829EPSS
Exploits4References7
RedhatCVE
RedhatCVEadded 2025/12/19 6:19 p.m.5 views

CVE-2025-14738

Improper authentication vulnerability in TP-Link WA850RE httpd modules allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...

7.1CVSS7.2AI score0.00212EPSS
Exploits0References1
OSV
OSVadded 2025/12/18 6:15 p.m.0 views

CVE-2025-14737

Command Injection vulnerability in TP-Link WA850RE httpd modules allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...

8CVSS5.9AI score
Exploits0References4
NVD
NVDadded 2025/12/18 6:15 p.m.3 views

CVE-2025-14738

Improper authentication vulnerability in TP-Link WA850RE httpd modules allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...

7.5CVSS0.00212EPSS
Exploits0References4
CVE
CVEadded 2025/12/18 6:0 p.m.3 views

CVE-2025-14737

CVE-2025-14737 concerns a command-injection vulnerability in TP-Link WA850RE (httpd modules) that allows an authenticated adjacent attacker to inject arbitrary commands. Affected devices include WA850RE V2_160527 and WA850RE V3_160922 (and earlier), with exploitation described as possible (PoC) p...

8.5CVSS6.8AI score0.00166EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2025/12/18 6:0 p.m.18 views

CVE-2025-14737 Command Injection Vulnerability in TP-Link WA850RE

Command Injection vulnerability in TP-Link WA850RE httpd modules allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...

8.5CVSS0.00166EPSS
Exploits0References4
OSV
OSVadded 2024/07/19 11:8 a.m.1 views

OESA-2024-1847 mod_http2 security update

Modhttp2 is an official Apache httpd module, first released in 2.4.17. See Apache downloads to get a released version. modproxyhttp2 has been released in 2.4.23. Security Fixes: Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a...

5.4CVSS6.9AI score0.00187EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2024/04/04 7:32 p.m.89 views

CVE-2024-24795

A flaw was found in httpd. An HTTP response splitting in multiple httpd modules may allow an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Mitigation Mitigation for this issue is either not available or the currently...

4CVSS7.2AI score0.01123EPSS
Exploits0References4
Rows per page
Query Builder