Lucene search
K

169 matches found

Rockylinux
Rockylinux
added 2026/07/05 12:5 p.m.6 views

mod_md security update

An update is available for modmd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module manages common properties of domains for one or more virtual hosts...

7.3CVSS7AI score0.00628EPSS
Exploits0
OSV
OSV
added 2026/07/01 12:3 p.m.4 views

RLSA-2026:30844 Moderate: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...

7.5CVSS7.1AI score0.00628EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/07/01 12:3 p.m.5 views

mod_md security update

An update is available for modmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module manages common properties of domains for one or more virtual hosts...

7.3CVSS7.1AI score0.00628EPSS
Exploits0
OSV
OSV
added 2026/06/30 10:48 a.m.5 views

RHSA-2026:30845 Red Hat Security Advisory: mod_md security update

Bulletin has no description...

7.5CVSS7AI score0.00628EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 6:28 p.m.5 views

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

7.3CVSS7AI score0.00628EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:29 a.m.6 views

RHSA-2026:30844 Red Hat Security Advisory: mod_md security update

Bulletin has no description...

7.5CVSS7AI score0.00628EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 2:55 a.m.7 views

Moderate: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.3CVSS7AI score0.00628EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

ALSA-2026:30844 Moderate: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...

7.3CVSS7.1AI score0.00628EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.17 views

Oracle Linux 8 : httpd:2.4 (ELSA-2026-22140)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22140 advisory. - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd Tenable has extracted the preceding...

9.8CVSS5.9AI score0.04409EPSS
Exploits1References7
OSV
OSV
added 2026/05/28 2:3 p.m.25 views

SUSE-SU-2026:2104-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163. -...

9.8CVSS7.6AI score0.4581EPSS
Exploits18References23
OSV
OSV
added 2026/05/26 12:12 p.m.10 views

CLSA-2026-1779797547 Fix CVE(s): CVE-2026-29168

SECURITY UPDATE: fix denial of service in modmd OCSP response handling by enforcing size limit and timeouts - debian/patches/CVE-2026-29168.patch: fix denial of service in modmd OCSP response handling by enforcing size limit and timeouts - CVE-2026-29168...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 9:51 a.m.11 views

OPENSUSE-SU-2026:20810-1 Security update for apache2

This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server...

9.1CVSS7.1AI score0.04409EPSS
Exploits2References12
OSV
OSV
added 2026/05/26 9:46 a.m.4 views

SUSE-SU-2026:21846-1 Security update for apache2

This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo. moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server...

9.1CVSS7AI score0.04409EPSS
Exploits2References13
Fedora
Fedora
added 2026/05/19 1:33 a.m.15 views

[SECURITY] Fedora 43 Update: mod_md-2.6.11-2.fc43

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.3CVSS5.8AI score0.00628EPSS
Exploits0
Fedora
Fedora
added 2026/05/19 1:7 a.m.15 views

[SECURITY] Fedora 44 Update: mod_md-2.6.11-2.fc44

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.3CVSS5.8AI score0.00628EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.12 views

Fedora 44 : mod_md (2026-c9b72de46a)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c9b72de46a advisory. - CVE-2026-29168 fix Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.11 views

Fedora 43 : mod_md (2026-707b7050da)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-707b7050da advisory. - CVE-2026-29168 fix Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/08 12:0 a.m.6 views

The vulnerability of the mod_md module in the Apache HTTP Server, related to pointer manipulation, allows attackers to trigger resource exhaustion or server failures.

The vulnerability of the modmd module in the Apache HTTP Server is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause resource exhaustion or server failures...

10CVSS7.1AI score0.00628EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/05/06 7:55 p.m.11 views

USN-8239-1 apache2 vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

9.8CVSS6.3AI score0.4581EPSS
Exploits18References12
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-29168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server:...

7.3CVSS7.1AI score0.00628EPSS
Exploits0References2
Rows per page
Query Builder