Lucene search
+L

230 matches found

OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1396)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1487)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS5.8AI score0.01527EPSS
Exploits1References2
OSV
OSV
added 2026/03/15 5:55 a.m.6 views

OESA-2026-1592 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2026-1242)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.4 views

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2026-1278)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exe...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4
OSV
OSV
added 2026/03/06 12:43 p.m.5 views

OESA-2026-1528 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References5
OSV
OSV
added 2026/03/06 12:43 p.m.3 views

OESA-2026-1527 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.6 views

Astra Linux – Vulnerability in Apache2

Apache HTTP Server 2.4.65 and earlier, with Server Side Includes SSI enabled and modcgid but not modcgi, pass the shell-escaped query string to the exec cmd="..." directives. This issue affects Apache HTTP Server versions prior to 2.4.66. Users are recommended to upgrade to version 2.4.66, which...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/23 7:20 p.m.4 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/23 7:19 p.m.5 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2026-005339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005339 advisory. Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References4
Veracode
Veracode
added 2026/02/05 4:59 a.m.9 views

OS Command Injection

Apache HTTP Server is vulnerable to OS Command Injection. The vulnerability is due to improper handling of shell-escaped query strings when Server Side Includes SSI with exec cmd="..." are used alongside modcgid, which allows an attacker to inject and execute arbitrary system commands by crafting...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-58098)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-58098 advisory. - Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but no...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-58098)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-58098 advisory. - Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but no...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References1
OSV
OSV
added 2026/01/19 2:59 p.m.8 views

USN-7968-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal attempts to be repeated without delays, possibly leading to a denial of service. CVE-2025-55753 Anthony Parfenov discovered that the Apache HTTP Server would pass the...

8.3CVSS5.9AI score0.01527EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2026/01/19 2:59 p.m.12 views

USN-7968-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal attempts to be repeated without delays, possibly leading to a denial of service. CVE-2025-55753 Anthony Parfenov discovered that the Apache HTTP Server would pass the...

8.3CVSS7.5AI score0.01527EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/15 12:0 a.m.5 views

Security update for apache2 (moderate)

openSUSE security update: security update for apache2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20030-1 Rating: moderate References: bsc1254511 bsc1254512 bsc1254514 bsc1254515 Cross-References: CVE-2025-55753 CVE-2025-58098 CVE-2025-65082...

6.8CVSS7.2AI score0.01527EPSS
Exploits0References4
OSV
OSV
added 2026/01/14 11:3 a.m.3 views

SUSE-SU-2026:20081-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References9
OSV
OSV
added 2026/01/14 10:49 a.m.3 views

OPENSUSE-SU-2026:20030-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

8.3CVSS6.7AI score0.01527EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

TencentOS Server 2: httpd (TSSA-2026:0012)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0012 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References2
Rows per page
Query Builder