CVE-2026-39455

CVE-2026-39455 affects the BIG-IP Configuration utility when LDAP authentication is used. Undisclosed traffic can cause the httpd process to exhaust file descriptors, leading to a denial‑of‑service where the Configuration utility stops responding until httpd is restarted. Exploitation: remote, un...

EUVD-2018-2735

Malware in sbrugna...

CVE-2022-4499

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...

CVE-2021-29302

TP-Link TL-WR802NUS, ArcherC50v5US v4200 = 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution...

Tenda i24和Tenda W12 安全漏洞

The Tenda W12 and i24 is a wireless router made by Tenda. A stack overflow vulnerability exists in Tenda W12 and i24. The vulnerability originates from the function cgiPingSet in the /bin/httpd file.No detailed vulnerability details are available at this time...

K13114: Apache Range header vulnerability - CVE-2011-3192

Security Advisory Description The byte-range filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial-of-service memory and CPU consumption using aRange header that expresses multiple overlapping ranges. When this vulnerabili...

CVE-2022-4499 The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...

Tenda AC21 缓冲区错误漏洞

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which originates from the lack of length checking of input data in the saveParentControlInfo function of /bin/httpd, and can be exploited to cause httpd t...

CVE-2021-29302

TP-Link TL-WR802NUS, ArcherC50v5US v4200 = 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution...

Denial Of Service (DoS)

Subversion SVN is vulnerable to denial of service DoS. The vulnerability exists through a flaw found in the way the moddavsvn module handled OPTIONS requests. A remote attacker with read access to an SVN repository served via HTTP could use this flaw to cause the httpd process that handled such a...

Denial Of Service (DoS)

subversion is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the way the moddavsvn module processed requests submitted against the URL of a baselined resource. A malicious, remote user could use this flaw to cause the httpd process...

Denial Of Service (DoS)

subversion is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the way the moddavsvn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd...

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...

CVE-2019-10137

A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitra...

CVE-2019-10137

A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitra...

Remote Code Execution (RCE)

modperl is vulnerable to arbitrary code execution. There are no configuration options to allow administrator's control of HTTP request processing without also allowing unprivileged users to run Perl code on the system in the context of the Apache HTTPd process worker. This would allow an attacker...

Denial Of Service (DoS)

Subversion SVN is vulnerable to denial of service. The moddavsvn module does not properly handle large numbers of properties such as those set with svn propset. This allows a remote attacker to cause the httpd process to consume an excessive amount of resources, potentially leading to a crash...

CVE-2018-10664

An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption...

CVE-2018-10664

Axis IP Cameras running firmware with Axis httpd service are affected by CVE-2018-10664 due to memory corruption in the httpd process. The issue is documented as a memory corruption vulnerability in Axis IP Camera devices. ThreatPost describes a broader chain of vulnerabilities in Axis cameras th...

CVE-2018-10664

An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption...