Lucene search
+L

167 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 4:54 p.m.7 views

httpd: Apache HTTP Server: Out-of-bounds Read in mod_headers and mod_mime

A flaw was found in Apache HTTP Server. An out-of-bounds read vulnerability exists when modheaders and modmime are used with multiple response languages. This could allow a remote attacker to disclose sensitive information from memory or cause a denial of service...

6.5CVSS5.7AI score0.00525EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 12:0 a.m.4 views

ALSA-2026:34355 Moderate: mod_http2 security, bug fix, and enhancement update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: Apache HTTP Server modhttp2: Use After Free vulnerability allows arbitrary code execution or denial of service. CVE-2026-48913 httpd: Apache HTTP Server:...

7.3CVSS6.4AI score0.00525EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 4:16 p.m.16 views

CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS0.00525EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 4:16 p.m.3 views

ALPINE-CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS5.9AI score0.00525EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 4:16 p.m.6 views

UBUNTU-CVE-2026-43951

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

6.5CVSS5.4AI score0.00525EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

MiracleLinux 4 : httpd24-httpd-2.4.25-9.AXS4.1 (AXSA:2017-2175:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2175:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...

9.8CVSS7.3AI score0.57472EPSS
Exploits4References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-1401

Malware in sbrugna...

7.5CVSS6.4AI score0.02915EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-2735

Malware in sbrugna...

7.5CVSS6.4AI score0.04714EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2006-2514

Malware in sbrugna...

7.5CVSS6.4AI score0.01553EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2006-3099

Malware in sbrugna...

5.1CVSS6.4AI score0.08301EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-4626

Malware in sbrugna...

7.5CVSS6.4AI score0.02673EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.50 views

RHEL 5 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modmime buffer overread CVE-2017-7679 - httpd: Weak Digest auth nonce generation in modauthdigest...

9.8CVSS7.5AI score0.94999EPSS
Exploits24References18
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.225 views

K75429050: Apache HTTPD vulnerability CVE-2017-7679

Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a malicious Content-Type response header. CVE-2017-7679 Impact A remote attacker may exploit this vulnerability by using a malicious response...

9.8CVSS8.2AI score0.39341EPSS
Exploits3Affected Software16
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.263 views

IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 Multiple Vulnerabilities (563615)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities related to Apache HTTP Server, as follows: - In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a malicious Content-Type...

9.8CVSS7.7AI score0.57472EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-1389)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.94999EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1177)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.57472EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.68 views

Security Bulletin: CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668 and CVE-2017-7679 in IBM i HTTP Server

Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-7679 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in modmime. By sending a specially crafted Content-Ty...

9.8CVSS1.6AI score0.57472EPSS
Exploits4Affected Software1
RedhatCVE
RedhatCVE
added 2019/10/11 5:4 p.m.99 views

CVE-2017-7679

A buffer over-read flaw was found in the httpds modmime module. A user permitted to modify httpds MIME configuration could use this flaw to cause httpd child process to crash...

7.5CVSS0.6AI score0.39341EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.66 views

Symantec Content Analysis < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1410)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a...

9.8CVSS7.2AI score0.39341EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.60 views

EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...

9.8CVSS7.2AI score0.94999EPSS
Exploits13References8
Rows per page
Query Builder