Search CVE reports

Toggle filters

1 – 10 of 313 results

CVE-2025-66200

Medium priority
Needs evaluation

[mod_userdir+suexec bypass via AllowOverride FileInfo]

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-65082

Medium priority
Needs evaluation

[CGI environment variable override]

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-59775

Medium priority
Needs evaluation

[NTLM Leakage on Windows through UNC SSRF]

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-58098

Medium priority
Needs evaluation

[Server Side Includes adds query string to #exec cmd=...]

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-55753

Medium priority
Needs evaluation

[mod_md (ACME), unintended retry intervals]

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-66382

Medium priority
Needs evaluation

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release
cableswig Not in release Not in release
coin3 Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release
smart Not in release Not in release Needs evaluation
firefox Not affected Not affected
thunderbird Not affected Not affected
libxmltok Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2025-59375

Medium priority
Needs evaluation

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.

23 affected packages

expat, apache2, apr-util, tdom, cmake...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release
cableswig Not in release Not in release
coin3 Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Needs evaluation
vtk Not in release Not in release
smart Not in release Not in release Needs evaluation
firefox Not affected Not affected
thunderbird Not affected Not affected
libxmltok Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2025-54090

Medium priority
Not affected

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2025-53020

Medium priority
Fixed

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue.

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Fixed Fixed Fixed Fixed
Show less packages

CVE-2025-49812

Medium priority

Some fixes available 7 of 8

In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using...

1 affected package

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON