Lucene search
K

19025 matches found

Cvelist
Cvelist
added 2026/05/04 2:40 p.m.90 views

CVE-2026-33523 Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line

HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00436EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 2:16 p.m.7 views

ALPINE-CVE-2026-34032

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 1:16 p.m.3 views

ALPINE-CVE-2026-34059

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 1:16 p.m.5 views

DEBIAN-CVE-2026-34059

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 1:7 p.m.14 views

CVE-2026-33857 Apache HTTP Server: Off-by-one OOB reads in AJP getter functions

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.8AI score0.00393EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 1:7 p.m.4 views

EUVD-2026-26951

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.3CVSS5.8AI score0.00393EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/04 12:54 p.m.5 views

CVE-2026-34032

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/04 12:54 p.m.89 views

CVE-2026-34032 Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00485EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 12:54 p.m.5 views

EUVD-2026-26953

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/04 12:39 p.m.6 views

CVE-2026-34059

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.5CVSS5.8AI score0.00394EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/04 12:39 p.m.94 views

CVE-2026-34059 Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data()

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00394EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 12:39 p.m.122 views

CVE-2026-34059

CVE-2026-34059 affects Apache HTTP Server up to version 2.4.66, with a vulnerability in the mod_proxy_ajp component: a heap over-read in the ajp_parse_data() path that can lead to memory disclosure. The public description in multiple sources confirms the issue and the recommended mitigation is to...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/04 12:37 p.m.4 views

CVE-2026-24072

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

8.8CVSS5.8AI score0.00654EPSS
Exploits1
EUVD
EUVD
added 2026/05/04 12:37 p.m.28 views

EUVD-2026-26944

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

8.8CVSS5.8AI score0.00654EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:42 a.m.5 views

CVE-2026-29199

phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link poisoning. When forceservervars is disabled, the servers hostname may be extracted from the HTTP Host header which is used to generate the password reset link URL. An attacker who can manipulate the Hos...

5.8AI score0.00249EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.7 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Version 2.4.66 of Apache HTTP Server contains a security vulnerability, which stems from a timi...

4.8CVSS5.8AI score0.00557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.4 views

HP LaserJet Improper Neutralization of Input During Web Page Generation (CVE-2009-2684)

Multiple cross-site scripting XSS vulnerabilities in Jetdirect and the Embedded Web Server EWS on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the 1 ProductURL or 2 TechURL parameter in an Apply action t...

4.3CVSS5.8AI score0.0223EPSS
Exploits10References3
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.6 views

Apache HTTP Server 代码问题漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.66 and earlier have code vulnerabilities due to a null point...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/03 8:57 p.m.121 views

Exploit for CVE-2026-36356

CVE-2026-36356: MeiG Smart FORGESLT711 GoAhead — Unauthentica...

6AI score0.15394EPSS
Exploits3
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.10 views

Starlet 环境问题漏洞

Starlet is a high-performance HTTP/1.1 pre-fork web server developed by Kazuho Oku. Versions of Starlet prior to 0.31 contained an environmental vulnerability. This vulnerability stemmed from prioritizing the Content-Length header over the Transfer-Encoding header, which could lead to HTTP reques...

5.3CVSS5.8AI score0.00378EPSS
Exploits0References2
Rows per page
Query Builder