5769 matches found
EUVD-2022-52357
Malicious code in bioql PyPI...
EUVD-2025-19847
Malicious code in bioql PyPI...
EUVD-2022-38996
Malicious code in bioql PyPI...
EUVD-2022-46632
Malicious code in bioql PyPI...
EUVD-2022-43393
Malicious code in bioql PyPI...
EUVD-2022-47134
Malicious code in bioql PyPI...
EUVD-2025-22705
Malicious code in bioql PyPI...
EUVD-2022-43398
Malicious code in bioql PyPI...
EUVD-2023-38438
Malicious code in bioql PyPI...
httpd security update
An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...
AlmaLinux 9 : httpd (ALSA-2025:15023)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15023 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS...
httpd: CONTINUATION frames DoS
A vulnerability was found in how Apache httpd implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers,...
Tenda AC9 安全漏洞
Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 version 1.0, which originates from the improper handling of the usb.samba.guest.user parameter in the formSetSambaConf function in the httpd file, which may lead to OS command injection...
VulnCheck KEV: CVE-2025-7414
A vulnerability classified as critical was found in Tenda O3V2 1.0.0.123880. This vulnerability affects the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument domain leads to os command injection. The attack can be initiated remotely...
CLSA-2025-1758035415 httpd: Fix of 2 CVEs
CVE-2024-47252: escape characters are now properly handled in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack...
CLSA-2025-1758035329 httpd: Fix of 2 CVEs
CVE-2024-47252: escape user-supplied data in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attack...
Moderate: Red Hat Security Advisory: mod_http2 security update
An update for modhttp2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module
An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...
httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module
An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...
RHEL 9 : mod_http2 (RHSA-2025:15727)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15727 advisory. The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modproxyhttp2:...