Lucene search
K

226 matches found

OSV
OSV
added 2026/01/05 11:8 a.m.5 views

SUSE-SU-2026:0020-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References9
SUSE Linux
SUSE Linux
added 2026/01/05 11:8 a.m.4 views

Security update for apache2

This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...

6.8CVSS6.7AI score0.01527EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/01/05 2:1 a.m.3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 2:1 a.m.7 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/05 2:0 a.m.3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 1:55 a.m.2 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 1:55 a.m.58 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Commo...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/05 1:39 a.m.6 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/05 1:39 a.m.3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.4 views

RHEL 8 : httpd:2.4 (RHSA-2026:0010)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0010 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.6 views

RHEL 7 : httpd (RHSA-2026:0075)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0075 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.5 views

RHEL 8 : httpd:2.4 (RHSA-2026:0011)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0011 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.6 views

RHEL 8 : httpd:2.4 (RHSA-2026:0009)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0009 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.3 views

RHEL 6 : httpd (RHSA-2026:0074)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0074 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.4 views

RHEL 8 : httpd:2.4 (RHSA-2026:0012)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0012 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References6
OSV
OSV
added 2025/12/29 4:51 p.m.8 views

CLSA-2025-1767027096 httpd: Fix of CVE-2025-58098

CVE-2025-58098: prevent SSI args from being passed to CGI scripts...

8.3CVSS5.8AI score0.01527EPSS
Exploits0References1
OSV
OSV
added 2025/12/29 10:35 a.m.6 views

CLSA-2025-1767004508 httpd: Fix of CVE-2025-58098

CVE-2025-58098: prevent command injection in modcgid via shell-escaped SSI query strings...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/25 12:0 a.m.3 views

SUSE SLED15: apache2 / apache2-devel / apache2-event / apache2-prefork / etc (SUSE-SU-2025:4518-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4518-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environme...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References13
OSV
OSV
added 2025/12/24 9:9 a.m.6 views

RLSA-2025:23932 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

7.1CVSS6.5AI score0.01527EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2025/12/24 9:9 a.m.7 views

httpd security update

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

8.3CVSS6.7AI score0.01527EPSS
Exploits0
Rows per page
Query Builder