Lucene search
K

40 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 5:22 p.m.11 views

CVE-2026-29167

A flaw was found in Apache HTTP Server when using the modldap module in a per-directory configuration. This use-after-free vulnerability allows a remote attacker to potentially execute arbitrary code or cause a denial of service DoS due to improper memory handling. This could lead to system...

9.8CVSS6.2AI score0.00663EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : httpd, --advisory ALAS2-2026-3379 (ALAS-2026-3379)

The version of httpd installed on the remote host is prior to 2.4.68-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3379 advisory. Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HT...

9.8CVSS6AI score0.00805EPSS
Exploits0References24
OSV
OSV
added 2026/06/10 8:39 a.m.9 views

BIT-APACHE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References7
OSV
OSV
added 2026/06/10 8:39 a.m.7 views

BIT-APACHE-2026-44119 Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

5.5CVSS5.4AI score0.00171EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 8:39 a.m.11 views

BIT-APACHE-2026-42536 Apache HTTP Server: mod_xml2enc heap overflow

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS5.4AI score0.0071EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/10 2:28 a.m.11 views

SUSE CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.3CVSS5.4AI score0.00682EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/10 2:27 a.m.12 views

SUSE CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

6.5CVSS5.4AI score0.00171EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/10 2:27 a.m.11 views

SUSE CVE-2026-44631

Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.9CVSS5.4AI score0.00486EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-44186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the modproxyftp module in Apache HTTP Server with an attacker controlled backend FTP serve...

7.3CVSS5.5AI score0.00562EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 4:16 p.m.14 views

CVE-2026-44631

Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

9.8CVSS0.00486EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 4:16 p.m.13 views

CVE-2026-42535

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

9.1CVSS0.00538EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 4:16 p.m.15 views

CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS0.00682EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 4:16 p.m.15 views

UBUNTU-CVE-2026-29167

Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

9.8CVSS5.4AI score0.00663EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 4:16 p.m.6 views

UBUNTU-CVE-2026-42535

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

9.1CVSS5.3AI score0.00538EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 4:16 p.m.7 views

UBUNTU-CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.6AI score0.00805EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 4:16 p.m.10 views

UBUNTU-CVE-2026-34356

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS5.4AI score0.00682EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/08 3:23 p.m.10 views

CVE-2026-42536

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.5CVSS5.4AI score0.0071EPSS
Exploits0
CVE
CVE
added 2026/06/08 3:20 p.m.66 views

CVE-2026-34355

CVE-2026-34355 : A buffer overflow in Apache HTTP Server’s mod_proxy_html (affecting 2.4.67 and earlier) can be exploited by an untrusted backend. The advisory indicates that upgrading to 2.4.68 fixes the issue. Documented impact is a network‑accessible overflow with high severity (CVSS v3.1: 7.5...

7.5CVSS5.7AI score0.00805EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:20 p.m.8 views

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

5.7AI score0.00805EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 3:19 p.m.16 views

CVE-2026-44631 Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow

Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.4AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder