Lucene search
K

728 matches found

F5 Networks
F5 Networks
added 2026/04/16 7:15 a.m.10 views

K000160829: Apache HTTP Server Vulnerabilities CVE-2025-55753, CVE-2025-58098, CVE-2025-59775

Security Advisory Description CVE-2025-55753 An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeed...

8.3CVSS7.1AI score0.01527EPSS
Exploits0
NVD
NVD
added 2026/03/27 3:17 p.m.8 views

CVE-2026-4980

A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags...

6.3CVSS0.00202EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/18 6:31 p.m.4 views

EUVD-2026-12872

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

5.9AI score0.00382EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/18 12:0 a.m.23 views

CVE-2026-30701

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

0.00382EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 12:0 a.m.3 views

CVE-2026-30701

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

5.9AI score0.00382EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 12:0 a.m.14 views

CVE-2026-30701

The CVE-2026-30701 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability arises from hardcoded credential disclosure mechanisms using Server Side Include across server-side pages such as login.shtml and settings.shtml, which dynamically retrieve and expose the web ...

9.1CVSS5.9AI score0.00382EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.6 views

PT-2026-26107

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

5.9AI score0.00382EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.9 views

EulerOS Virtualization 2.12.0 : httpd (EulerOS-SA-2026-1487)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped quer...

9.1CVSS7.1AI score0.03914EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2026/03/17 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1581)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.2 views

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2026-1536)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2026-1556)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2026-1396)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2026-1365)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1487)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS5.8AI score0.01527EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1396)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References2
OSV
OSV
added 2026/03/15 5:55 a.m.6 views

OESA-2026-1592 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2026-1242)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2026-1278)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
OSV
OSV
added 2026/03/06 12:43 p.m.5 views

OESA-2026-1528 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References5
OSV
OSV
added 2026/03/06 12:43 p.m.3 views

OESA-2026-1527 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References5
Rows per page
Query Builder