5769 matches found
ALSA-2025:23919 Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
ALSA-2025:23732 Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...
CVE-2025-14738
Improper authentication vulnerability in TP-Link WA850RE httpd modules allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...
CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1
CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1
CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-55753 affecting package httpd for versions less than 2.4.66-1
CVE-2025-55753 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1
CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2578)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-14737
Command Injection vulnerability in TP-Link WA850RE httpd modules allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...
CVE-2025-14738
Improper authentication vulnerability in TP-Link WA850RE httpd modules allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...
CVE-2025-14737 Command Injection Vulnerability in TP-Link WA850RE
Command Injection vulnerability in TP-Link WA850RE httpd modules allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...
CVE-2025-14737
CVE-2025-14737 concerns a command-injection vulnerability in TP-Link WA850RE (httpd modules) that allows an authenticated adjacent attacker to inject arbitrary commands. Affected devices include WA850RE V2_160527 and WA850RE V3_160922 (and earlier), with exploitation described as possible (PoC) p...
CVE-2025-14737 Command Injection Vulnerability in TP-Link WA850RE
Command Injection vulnerability in TP-Link WA850RE httpd modules allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2160527, ≤ WA850RE V3160922...
EUVD-2025-203927
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serviceName to /goform/AdvSetMacMtuWan...
CVE-2025-67074
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...
CVE-2025-67074
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...
CVE-2025-67073
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serviceName to /goform/AdvSetMacMtuWan...
CVE-2025-14654
A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The...
RHEL 9 : httpd (RHSA-2025:14901)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14901 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...