CVE-2025-54090 affecting package httpd for versions less than 2.4.65-1

CVE-2025-54090 affecting package httpd for versions less than 2.4.65-1. An upgraded version of the package is available that resolves this issue...

PT-2025-31959 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

PT-2025-31965 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

PT-2025-31968 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

PT-2025-31964 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

PT-2025-31958 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

Important: httpd

Issue Overview: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included ...

Critical Photon OS Security Update - PHSA-2025-5.0-0570

Updates of 'httpd' packages of Photon OS have been released...

NETGEAR XR300 Stack Buffer Overflow Vulnerability (CNVD-2025-20497)

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

NETGEAR XR300 Stack Buffer Overflow Vulnerability (CNVD-2025-20496)

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

Tenda AC20 Buffer Overflow Vulnerability

Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...

CVE-2025-8160

The CVE affects Tenda AC20 via a buffer overflow in httpd’s /goform/SetSysTimeCfg, triggered by tampering with the timeZone parameter. Multiple sources confirm remote exploitation and public exploit disclosure. Impact includes potential arbitrary code execution with high confidentiality, integrit...

Tenda AC6 Buffer Overflow Vulnerability

Tenda AC6 is a dual-band wireless router that supports IPv4 and IPv6 protocols and is designed for home network environments. Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the httpd component function setparentcontrolinfo fails to correctly validate the length of t...

NewStart CGSL MAIN 7.02 : httpd Multiple Vulnerabilities (NS-SA-2025-0132)

The remote NewStart CGSL host, running version MAIN 7.02, has httpd packages installed that are affected by multiple vulnerabilities: - Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications...

[slackware-security] httpd

New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.65-i586-1slack15.0.txz: Upgraded. This release fixes bugs and the following security issues: HTTP/2 DoS by Memory Increase...

Maintenance update for Multi-Linux Manager 4.3: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: mgr-daemon: Version 4.3.12-0: Updated translation strings proxy-helm: Version 4.3.17: Chart rebuilt to the newest version with updated dependencies for SUSE Manager 4.3.16 proxy-httpd-image: Version 4.3.18: Image rebuilt to the newest version...

CVE-2025-8060 Tenda AC23 httpd setMacFilterCfg sub_46C940 stack-based overflow

A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function sub46C940 of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack ca...

Tenda AC23 安全漏洞

Tenda AC23 is a high performance wireless router from Tenda Technology. A buffer overflow vulnerability exists in Tenda AC23 version 16.03.07.52, which originates from the mishandling of the deviceList parameter in the sub46C940 function in the httpd component/goform/setMacFilterCfg file. An...

Slackware Linux 15.0 / current httpd Multiple Vulnerabilities (SSA:2025-204-01)

The version of httpd installed on the remote host is prior to 2.4.65. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-204-01 advisory. New httpd packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

K000152669: Apache HTTPD vulnerability CVE-2025-23048

Security Advisory Description In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each...