Lucene search
K

14 matches found

OSV
OSV
added 2026/07/07 12:5 p.m.5 views

RLSA-2026:34109 Important: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: incomplete fix for CVE-2023-38709 CVE-2024-42516 httpd: NULL pointer dereference via specially crafted request CVE-2026-29169 httpd: Apache HTTP Server: Heap-based Buffer...

7.7CVSS6AI score0.00805EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 2:4 a.m.2 views

SUSE-SU-2026:2759-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS7.2AI score0.11471EPSS
Exploits8References27
OSV
OSV
added 2026/07/02 10:36 p.m.3 views

SUSE-SU-2026:2735-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS6.2AI score0.11471EPSS
Exploits8References27
OSV
OSV
added 2026/07/01 12:0 a.m.4 views

ALSA-2026:34109 Important: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: incomplete fix for CVE-2023-38709 CVE-2024-42516 httpd: NULL pointer dereference via specially crafted request CVE-2026-29169 httpd: Apache HTTP Server: Heap-based Buffer...

9.8CVSS6.8AI score0.03914EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2 : httpd, --advisory ALAS2-2026-3379 (ALAS-2026-3379)

The version of httpd installed on the remote host is prior to 2.4.68-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3379 advisory. Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HT...

9.8CVSS6AI score0.00805EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2026/06/18 2:43 p.m.9 views

CVE-2026-34355

A vulnerability has been identified in the Apache HTTP Server. If the server is configured to connect to a malicious or compromised backend server, an attacker could exploit this flaw to bypass security controls or run unauthorized code on the system. Mitigation Disable the modproxyhtml module if...

7.5CVSS5.3AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 8:39 a.m.7 views

BIT-APACHE-2026-34355 Apache HTTP Server: mod_proxy_html buffer overflow

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.6AI score0.00805EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-34355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version...

7.5CVSS6.2AI score0.00805EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/08 3:20 p.m.16 views

CVE-2026-34355 Apache HTTP Server: mod_proxy_html buffer overflow

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

5.7AI score0.00805EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 3:20 p.m.77 views

CVE-2026-34355

CVE-2026-34355 : A buffer overflow in Apache HTTP Server’s mod_proxy_html (affecting 2.4.67 and earlier) can be exploited by an untrusted backend. The advisory indicates that upgrading to 2.4.68 fixes the issue. Documented impact is a network‑accessible overflow with high severity (CVSS v3.1: 7.5...

7.5CVSS5.7AI score0.00805EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/08 3:20 p.m.10 views

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.6AI score0.00805EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.21 views

PT-2026-47316

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A buffer overflow occurs in the mod proxy html module, which can be triggered by an untrusted backend. Recommendations Upgrade to version 2.4.68...

9.8CVSS5.7AI score0.00805EPSS
Exploits0References153
OSV
OSV
added 2023/04/26 9:15 p.m.5 views

CVE-2023-29442

Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS...

6.1CVSS5.8AI score0.0941EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/26 12:0 a.m.2 views

PT-2023-22265 · Zoho · Zoho Manageengine Applications Manager

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Applications Manager versions prior to 16400 Description: The issue is related to a DOM XSS in the proxy.html file. This allows for potential exploitation. Recommendations: For versions prior to 16400, update to version 1640...

6.1CVSS5.9AI score0.0941EPSS
Exploits0References4
Rows per page
Query Builder