Lucene search
K

57 matches found

RedHat Linux
RedHat Linux
added 2025/12/22 4:55 p.m.4 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.3CVSS7.2AI score0.01527EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/12/22 4:55 p.m.3 views

httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

A permissions bypass flaw has been discovered in the apache HTTP server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid...

5.4CVSS5.7AI score0.00591EPSS
Exploits0References6
OSV
OSV
added 2025/12/22 9:2 a.m.5 views

RLSA-2025:23732 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...

7.5CVSS6.8AI score0.01527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/22 1:33 a.m.5 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7.1AI score0.01527EPSS
Exploits0References5
OSV
OSV
added 2025/12/22 12:0 a.m.9 views

ALSA-2025:23919 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.4 views

RockyLinux 8 : httpd:2.4 (RLSA-2025:23732)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...

8.3CVSS5.6AI score0.01527EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.2 views

RHEL 8 : httpd:2.4 (RHSA-2025:23732)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23732 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

8.3CVSS5.7AI score0.01527EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2025/12/22 12:0 a.m.8 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...

8.3CVSS6.6AI score0.01527EPSS
Exploits0References10
OSV
OSV
added 2025/12/22 12:0 a.m.9 views

ALSA-2025:23932 Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References8
OSV
OSV
added 2025/12/18 5:17 p.m.3 views

SUSE-SU-2025:4488-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...

8.3CVSS6.9AI score0.01527EPSS
Exploits0References9
OSV
OSV
added 2025/12/09 11:38 a.m.5 views

BIT-APACHE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

5.4CVSS6.9AI score0.00591EPSS
Exploits0References3
OSV
OSV
added 2025/12/08 6:36 p.m.6 views

MGASA-2025-0322 Updated apache packages fix security vulnerabilities

Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...

8.3CVSS6.8AI score0.01527EPSS
Exploits0References6
Mageia
Mageia
added 2025/12/08 6:36 p.m.19 views

Updated apache packages fix security vulnerabilities

Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...

8.3CVSS7AI score0.01527EPSS
Exploits0References5
OSV
OSV
added 2025/12/05 11:15 a.m.5 views

UBUNTU-CVE-2025-66200

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

5.4CVSS5.8AI score0.00591EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/05 11:2 a.m.84 views

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

0.00591EPSS
Exploits0References1
CVE
CVE
added 2025/12/05 11:2 a.m.560 views

CVE-2025-66200

CVE-2025-66200 affects Apache HTTP Server 2.4.7–2.4.65. A mod_userdir+suexec bypass via AllowOverride FileInfo lets users with htaccess access to the RequestHeader directive cause some CGI scripts to execute under an unexpected userid. Connected advisories confirm the fix is in 2.4.66 (e.g., Debi...

5.4CVSS6.6AI score0.00591EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.3 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A code execution vulnerability exists in Apache HTTP Server versions 2.4.7 through 2.4.65, which can be exploited by an attacker t...

5.4CVSS7.1AI score0.00591EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/12/04 12:0 a.m.3 views

Apache HTTP Server 2.4.7 - 2.4.65 Authentication Bypass Vulnerability - Windows

Apache HTTP Server is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4CVSS7AI score0.00591EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-49184

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.7 through 2.4.65 Description A flaw exists in Apache HTTP Server where a bypass of mod userdir+suexec is possible via the AllowOverride FileInfo functionality. Individuals with the ability to utilize the...

5.5CVSS6.8AI score0.00591EPSS
Exploits0References215
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-49183

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.65 Description An issue exists in Apache HTTP Server where improper neutralization of escape, meta, or control sequences can occur through environment variables set via the Apache configuration. Th...

6.5CVSS7AI score0.00771EPSS
Exploits0References215
Rows per page
Query Builder