230 matches found
CVE-2024-47252 affecting package httpd for versions less than 2.4.64-1
CVE-2024-47252 affecting package httpd for versions less than 2.4.64-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-23048 affecting package httpd for versions less than 2.4.64-1
CVE-2025-23048 affecting package httpd for versions less than 2.4.64-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-23048 affecting package httpd for versions less than 2.4.64-1
CVE-2025-23048 affecting package httpd for versions less than 2.4.64-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-52082
In Netgear XR300 V1.0.3.3810.3.30, a stack-based buffer overflow exists in the HTTPD service through the usbdevice.cgi endpoint. The vulnerability occurs when processing POST requests containing the readaccess parameter...
CVE-2025-7421
A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd. The manipulation of the argument mac leads to stack-based buffer overflow. The attack may be...
TencentOS Server 3: httpd:2.4/mod_http2 (TSSA-2024:0126)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0126 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2022-44184
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wandns1sec...
CVE-2022-40075
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formfastsettingwifiset...
CVE-2022-40067
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer...
CVE-2019-14706
A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because...
CVE-2019-14704
An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field...
CVE-2002-2131
Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. dot dot in an unknown argument...
Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2023-43622)
The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43622 advisory. - An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block...
BIT-APACHE-2025-3891
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
Azure Linux 3.0 Security Update: httpd (CVE-2024-39884)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39884 advisory. - A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based...
Azure Linux 3.0 Security Update: httpd (CVE-2024-40898)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40898 advisory. - SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTM...
Azure Linux 3.0 Security Update: httpd (CVE-2024-38472)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...
Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2024-27316)
The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27316 advisory. - HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to genera...
Azure Linux 3.0 Security Update: httpd (CVE-2023-38709)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38709 advisory. - Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to...
Azure Linux 3.0 Security Update: httpd (CVE-2024-24795)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24795 advisory. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject maliciou...