CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в modsecurity-apache

ModSecurity is an open-source, cross-platform Web Application Firewall WAF engine for Apache, IIS, and Nginx. Versions prior to 2.9.10 contain a denial-of-service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg – it’s the same action, just an alias...

7.5CVSS7.3AI score0.0107EPSS

Exploits1References2

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mod_security (UTSA-2025-592625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-592625 advisory. ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service...

7.5CVSS7.7AI score0.0107EPSS

Exploits2References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-16670

Malicious code in bioql PyPI...

7.5CVSS8AI score0.0107EPSS

Exploits1References4

Tenable Nessus•added 2025/08/19 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-48866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of servic...

7.5CVSS7.6AI score0.0107EPSS

Exploits2References3

RedHat Linux•added 2025/08/12 8:24 p.m.•3 views

mod_security: ModSecurity Denial of Service Vulnerability

A denial of service flaw was found in ModSecurity. This vulnerability is present in the sanitiseArg/sanitizeArg function can be overloaded with a large number of arguments which will lead to excessive memory usage when processing json values. This may lead to a denial of service in the affected w...

7.5CVSS5.7AI score0.0107EPSS

Exploits1References8

RedHat Linux•added 2025/08/12 1:14 a.m.•3 views

mod_security: ModSecurity Denial of Service Vulnerability

7.5CVSS5.7AI score0.0107EPSS

Exploits1References8

RedHat Linux•added 2025/08/05 5:10 a.m.•4 views

mod_security: ModSecurity Denial of Service Vulnerability

7.5CVSS5.7AI score0.0107EPSS

Exploits1References8

OSV•added 2025/06/25 5:31 a.m.•3 views

MGASA-2025-0192 Updated apache-mod_security packages fix security vulnerabilities

ModSecurity Has Possible DoS Vulnerability. CVE-2025-47947 ModSecurity has possible DoS vulnerability in sanitiseArg action. CVE-2025-48866...

7.5CVSS7.1AI score0.0107EPSS

Exploits2References4

Tenable Nessus•added 2025/06/07 12:0 a.m.•9 views

FreeBSD : ModSecurity -- possible DoS vulnerability (fa1d42c8-42fe-11f0-a9fa-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa1d42c8-42fe-11f0-a9fa-b42e991fc52e advisory. [email protected] reports: ModSecurity is an open source, cross platform web application...

7.5CVSS7.7AI score0.0107EPSS

Exploits2References3

OSV•added 2025/06/04 2:47 p.m.•7 views

BIT-MODSECURITY-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...

7.5CVSS7.3AI score0.0107EPSS

Exploits1References6

SUSE CVE•added 2025/06/03 2:39 a.m.•1 views

SUSE CVE-2025-48866

7.5CVSS6.8AI score0.0107EPSS

Exploits1References7

OSV•added 2025/06/02 4:15 p.m.•1 views

AZL-62229 CVE-2025-48866 affecting package mod_security 2.9.4-1

7.5CVSS7.2AI score0.0107EPSS

Exploits1References1

NVD•added 2025/06/02 4:15 p.m.•9 views

CVE-2025-48866

7.5CVSS0.0107EPSS

Exploits1References5

OSV•added 2025/06/02 4:15 p.m.•3 views

AZL-62231 CVE-2025-48866 affecting package mod_security 2.9.7-8

7.5CVSS5.5AI score0.0107EPSS

Exploits1References1

OSV•added 2025/06/02 4:15 p.m.•1 views

DEBIAN-CVE-2025-48866

7.5CVSS7.7AI score0.0107EPSS

Exploits1References1

OSV•added 2025/06/02 4:15 p.m.•0 views

UBUNTU-CVE-2025-48866

7.5CVSS7.1AI score0.0107EPSS

Exploits1References8

Cvelist•added 2025/06/02 3:46 p.m.•13 views

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

7.5CVSS0.0107EPSS

Exploits1References4

OSV•added 2025/06/02 3:46 p.m.•6 views

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

7.5CVSS7.8AI score0.0107EPSS

Exploits1References7

CVE•added 2025/06/02 3:46 p.m.•103 views

CVE-2025-48866

ModSecurity (mod_security) WAF engine for Apache/Nginx/IIS is affected by CVE-2025-48866. In ModSecurity versions prior to 2.9.10, the sanitiseArg (and alias sanitizeArg) action can be abused to add an excessive number of arguments, leading to a denial of service. Astra Linux advisories confirm t...

7.5CVSS7.4AI score0.0107EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/06/02 3:46 p.m.•17 views

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

7.5CVSS6.1AI score0.0107EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by