# ISO/IEC 27001:2022 — Security Posture Dashboard

Structured overview organised by the relevant security controls of ISO 27001:2022.

---

## A.8.8 — Management of technical vulnerabilities

_Vendor advisories, distributor security bulletins and package trackers_


CVE-2026-28780: Heap-based buffer overflow in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server, that server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker-controlled bytes past the end of a heap-based buffer. This issue affects Apache HTTP Server through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

2026-05-04 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2026-28780

CVE-2025-23048: In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.62, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

2025-07-10 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2025-23048

PHP RCE: A Bypass of CVE-2012-1823, Argument Injection in PHP-CGI

2024-09-28 17:37 CRITICAL

php_sec — vendor_advisory

CVE-2012-1823, CVE-2024-4577

PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

2024-09-27 17:50 CRITICAL

php_sec — vendor_advisory

CVE-2024-4577, CVE-2024-8926

CVE-2024-40898: SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context allows NTLM hashes to be leaked to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62, which fixes this issue.

2024-07-17 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2024-40898

CVE-2024-38475: Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that the server is permitted to serve but that are not intentionally or directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreference or variable as the first segment of the substitution are affected. Some unsafe RewriteRules will be broken by this change; the rewrite flag "UnsafePrefixStat" can be used to opt back in once the substitution has been appropriately constrained.

2024-07-01 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2024-38475

CVE-2024-38476: The core of Apache HTTP Server 2.4.59 and earlier is vulnerable to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'SetHandler' after this fix. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

2024-07-01 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2024-38476

Bypass of CVE-2024-1874

2024-06-09 18:37 CRITICAL

php_sec — vendor_advisory

CVE-2024-1874, CVE-2024-5585

CVE-2023-25690: Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like:

```apache
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]
ProxyPassReverse /here/ http://example.com:8080/
```

Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning.

2023-03-07 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2023-25690

CVE-2022-36760: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4.54 and prior versions.

2023-01-17 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2022-36760

CVE-2026-29168: Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

2026-05-04 12:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2026-29168

CVE-2026-29169: A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request. mod_dav_lock is not used internally by mod_dav or mod_dav_fs. The only known use-case for mod_dav_lock was mod_dav_svn from Apache Subversion earlier than version 1.2.0. Users are recommended to upgrade to version 2.4.67, which fixes this issue, or remove mod_dav_lock.

2026-05-04 12:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2026-29169

CVE-2026-24072: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue.

2026-05-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2026-24072

CVE-2026-34059: Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

2026-05-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2026-34059

CVE-2026-23918: Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

2026-05-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2026-23918

ModSecurity v3.0.15 (release)

2026-04-28 17:49 HIGH

owasp_modsecurity — vendor_advisory

CVE-2026-30923, CVE-2026-42268

CVE-2025-59775: Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows NTLM hashes to be leaked to a malicious server via SSRF and malicious requests or content. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

2025-12-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2025-59775

CVE-2025-55753: An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

2025-12-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2025-55753

CVE-2025-58098: Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

2025-12-04 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2025-58098

CVE-2024-43204: SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2024-43204

CVE-2025-53020: Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue.

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2025-53020

CVE-2024-43394: Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. The server offers limited protection against administrators directing the server to open UNC paths. Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2024-43394

CVE-2024-47252: Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2024-47252

CVE-2024-42516: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server to split the HTTP response. This vulnerability was described as CVE-2023-38709, but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2023-38709, CVE-2024-42516

CVE-2025-49630: In certain proxy configurations, a denial-of-service attack against Apache HTTP Server versions 2.4.26 through 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Affected configurations are those where a reverse proxy is configured for an HTTP/2 backend with ProxyPreserveHost set to "on".

2025-07-10 00:00 HIGH

apache_httpd_sec — vendor_advisory

CVE-2025-49630
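
Several advisories in this section (CVE-2023-25690, CVE-2024-38475, CVE-2024-47252, CVE-2025-23048, CVE-2025-59775 and CVE-2026-29169) only bite under specific httpd configuration patterns, so a vulnerability-management process needs to know whether a given httpd.conf actually matches them, not just which version is installed. The Python script below is an added example, not part of this dashboard or of the Apache HTTP Server project: a small linter that parses an httpd.conf fragment and flags those patterns, run over a constructed vulnerable fragment and a hardened counterpart. The "non-specific pattern" test for CVE-2023-25690 is a heuristic (a `.*`/`.+` capture re-inserted into a proxied URL), the treatment of `SSLStrictSNIVHostCheck` as sufficient when any vhost sets it is a simplification, and the version ranges in the notes are those stated in the advisories above; upgrading remains the actual fix.

```python
import re
import shlex
from typing import NamedTuple, Optional

# context = enclosing <Block> names, () is the main server context; vhost = ordinal of the enclosing <VirtualHost>
Directive = NamedTuple("Directive", [("line_no", int), ("name", str), ("args", str), ("context", tuple), ("vhost", Optional[int])])
Finding = NamedTuple("Finding", [("cve", str), ("line_no", int), ("note", str)])


def parse(config: str) -> list:
    """Flatten an httpd.conf fragment into directives, tracking <Block> nesting (Include is not followed)."""
    out, stack, nvhost, vhost = [], [], 0, None
    for n, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if m := re.fullmatch(r"</(\w+)>", line):
            if stack and stack[-1] == m.group(1):
                stack.pop()
            vhost = None if m.group(1) == "VirtualHost" else vhost
        elif m := re.fullmatch(r"<(\w+)(\s[^>]*)?>", line):
            stack.append(m.group(1))
            if m.group(1) == "VirtualHost":
                nvhost, vhost = nvhost + 1, nvhost + 1
        else:
            name, _, args = line.partition(" ")
            out.append(Directive(n, name, args.strip(), tuple(stack), vhost))
    return out


def rewrite_parts(args: str):
    """Split a RewriteRule / ProxyPassMatch argument string into (pattern, substitution, flags)."""
    parts = [p.strip('"') for p in shlex.split(args, posix=False)]
    pattern, subst = (parts + ["", ""])[:2]
    flags = set()
    if len(parts) > 2 and parts[2].startswith("["):
        flags = {f.split("=")[0].upper() for f in parts[2].strip("[]").split(",")}
    return pattern, subst, flags


def lint(config: str) -> list:
    """Return one Finding per configuration pattern that matches an advisory from this section."""
    out, ca_by_vhost, strict_sni, encoded_on, merge_off = [], {}, False, None, None
    for d in parse(config):
        if d.name in ("RewriteRule", "ProxyPassMatch"):
            pattern, subst, flags = rewrite_parts(d.args)
            # CVE-2023-25690: a non-specific capture of the request-target re-inserted into a proxied URL
            if (d.name == "ProxyPassMatch" or flags & {"P", "PROXY"}) and re.search(r"\.[*+]", pattern) and re.search(r"\$\d", subst):
                out.append(Finding("CVE-2023-25690", d.line_no, "request smuggling via unconstrained capture in a proxied rewrite (2.4.0-2.4.55)"))
            # CVE-2024-38475: server/vhost context (not <Directory>/.htaccess) and the substitution starts with $N or %{VAR}
            if d.name == "RewriteRule" and all(b == "VirtualHost" for b in d.context) \
                    and re.match(r"\$\d|%\{", subst) and "UNSAFEPREFIXSTAT" not in flags:
                out.append(Finding("CVE-2024-38475", d.line_no, "backreference/variable as first substitution segment (<= 2.4.59)"))
        elif d.name in ("LogFormat", "CustomLog") and re.search(r"%\{[^}]+\}[xc]", d.args):
            out.append(Finding("CVE-2024-47252", d.line_no, "mod_ssl variable logged unescaped via %{var}x or %{var}c (<= 2.4.63)"))
        elif d.name == "LoadModule" and d.args.startswith("dav_lock_module"):
            out.append(Finding("CVE-2026-29169", d.line_no, "mod_dav_lock loaded; remove unless mod_dav_svn < 1.2.0 needs it (fixed in 2.4.67)"))
        elif d.name == "AllowEncodedSlashes" and d.args.lower() == "on":
            encoded_on = d.line_no
        elif d.name == "MergeSlashes" and d.args.lower() == "off":
            merge_off = d.line_no
        elif d.name in ("SSLCACertificateFile", "SSLCACertificatePath") and d.vhost is not None:
            ca_by_vhost.setdefault(d.vhost, (d.line_no, d.args))
        elif d.name == "SSLStrictSNIVHostCheck" and d.args.lower() == "on":
            strict_sni = True
    if encoded_on and merge_off:  # CVE-2025-59775 (Windows): both settings together
        out.append(Finding("CVE-2025-59775", encoded_on, "AllowEncodedSlashes On with MergeSlashes Off: NTLM hash leak via SSRF (fixed in 2.4.66)"))
    if len({ca for _, ca in ca_by_vhost.values()}) > 1 and not strict_sni:  # CVE-2025-23048
        out.append(Finding("CVE-2025-23048", min(ln for ln, _ in ca_by_vhost.values()), "vhosts trust different client CAs without SSLStrictSNIVHostCheck on (2.4.35-2.4.62)"))
    return sorted(out, key=lambda f: f.line_no)


# Constructed sample fragments for the demo (not taken from any real deployment).
VULNERABLE_CONF = """\
LoadModule dav_lock_module modules/mod_dav_lock.so
AllowEncodedSlashes On
MergeSlashes Off
LogFormat "%h %{SSL_TLS_SNI}x %r" sni
RewriteEngine on
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]
RewriteRule "^/(.*)$" "$1" [L]
<VirtualHost *:443>
    SSLCACertificateFile /etc/ssl/clients-a.pem
</VirtualHost>
<VirtualHost *:443>
    SSLCACertificateFile /etc/ssl/clients-b.pem
</VirtualHost>
"""
HARDENED_CONF = """\
AllowEncodedSlashes Off
LogFormat "%h %r" plain
RewriteEngine on
RewriteRule "^/here/([A-Za-z0-9_-]+)$" "http://example.com:8080/elsewhere?$1" [P]
RewriteRule "^/(.*)$" "/app/$1" [L]
<VirtualHost *:443>
    SSLStrictSNIVHostCheck on
    SSLCACertificateFile /etc/ssl/clients-a.pem
</VirtualHost>
<VirtualHost *:443>
    SSLStrictSNIVHostCheck on
    SSLCACertificateFile /etc/ssl/clients-b.pem
</VirtualHost>
"""

if __name__ == "__main__":
    for label, conf in (("vulnerable", VULNERABLE_CONF), ("hardened", HARDENED_CONF)):
        print(label, [(f.cve, f.line_no) for f in lint(conf)])
```

Against a real server run `lint(open("httpd.conf").read())` after concatenating any files pulled in by `Include`/`IncludeOptional`, since the parser does not follow them. A finding is a reason to check the installed version against the range quoted in the note, not proof of exploitability; conversely, an installed version inside a range is still affected once a matching directive is added later, which is why the check belongs in configuration review as well as in patch tracking.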

---

## A.5.5 — Contact with authorities and special interest groups

_CERT bulletins from national and international authorities_


Version 1.0: Zimbra: Active exploitation of vulnerability CVE-2024-45519

2024-10-02 10:00 CRITICAL

bsi_csw — government_cert

CVE-2024-45519

---

## A.8.16 — Monitoring activities

_Critical and High advisories, filtered to remove pure security-news noise_


A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

2026-05-13 07:00 CRITICAL

project_zero — threat_intel

CVE-2025-54957

CVE-2026-28780: Heap-based buffer overflow in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server, that server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker-controlled bytes past the end of a heap-based buffer. This issue affects Apache HTTP Server through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

2026-05-04 00:00 CRITICAL

apache_httpd_sec — vendor_advisory

CVE-2026-28780

ZDI-26-307: FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability

2026-05-01 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-41265

VU#414811: Terrarium contains a vulnerability that allows arbitrary code execution

2026-04-21 13:37 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5752

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

2026-04-21 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-5059

VU#915947: SGLang is vulnerable to remote code execution when rendering chat templates from a model file

2026-04-20 13:46 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5760

ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-54948

ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-22898

ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-54987

VU#536588: Multiple Heap Buffer Overflows in Orthanc DICOM Server

2026-04-09 14:40 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5437, CVE-2026-5438, CVE-2026-5439, CVE-2026-5440, CVE-2026-5441, CVE-2026-5442, CVE-2026-5443, CVE-2026-5444, CVE-2026-5445

ZDI-26-252: Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability

2026-04-02 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-4698

VU#655822: Kyverno is vulnerable to server-side request forgery (SSRF)

2026-03-30 18:14 CRITICAL

certcc_vuln — threat_intel

CVE-2026-4789

VU#221883: CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read

2026-03-30 15:50 CRITICAL

certcc_vuln — threat_intel

CVE-2026-2275, CVE-2026-2285, CVE-2026-2286, CVE-2026-2287

ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

2026-03-30 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-5058

VU#577436: Hard coded credentials vulnerability in GoHarbor's Harbor

2026-03-24 14:11 CRITICAL

certcc_vuln — threat_intel

CVE-2026-4404

ZDI-26-222: (Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability

2026-03-23 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14233

ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14235

ZDI-26-192: Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-4149

ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14236

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14234

ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14237

ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14232

ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14231

ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-41238

ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-41236

---

## A.5.7 — Threat intelligence

_Threat-intelligence sources, without general security-news noise_


A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

2026-05-13 07:00 CRITICAL

project_zero — threat_intel

CVE-2025-54957

ZDI-26-307: FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability

2026-05-01 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-41265

VU#414811: Terrarium contains a vulnerability that allows arbitrary code execution

2026-04-21 13:37 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5752

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

2026-04-21 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-5059

VU#915947: SGLang is vulnerable to remote code execution when rendering chat templates from a model file

2026-04-20 13:46 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5760

ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-54948

ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-22898

ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

2026-04-15 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-54987

VU#536588: Multiple Heap Buffer Overflows in Orthanc DICOM Server

2026-04-09 14:40 CRITICAL

certcc_vuln — threat_intel

CVE-2026-5437, CVE-2026-5438, CVE-2026-5439, CVE-2026-5440, CVE-2026-5441, CVE-2026-5442, CVE-2026-5443, CVE-2026-5444, CVE-2026-5445

ZDI-26-252: Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability

2026-04-02 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-4698

VU#655822: Kyverno is vulnerable to server-side request forgery (SSRF)

2026-03-30 18:14 CRITICAL

certcc_vuln — threat_intel

CVE-2026-4789

VU#221883: CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read

2026-03-30 15:50 CRITICAL

certcc_vuln — threat_intel

CVE-2026-2275, CVE-2026-2285, CVE-2026-2286, CVE-2026-2287

ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

2026-03-30 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-5058

VU#577436: Hard coded credentials vulnerability in GoHarbor's Harbor

2026-03-24 14:11 CRITICAL

certcc_vuln — threat_intel

CVE-2026-4404

ZDI-26-222: (Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability

2026-03-23 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14233

ZDI-26-192: Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2026-4149

ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14231

ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-41238

ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14236

ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14235

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14234

ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14237

ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-14232

ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-41236

ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability

2026-03-16 05:00 CRITICAL

zdi_pub — threat_intel

CVE-2025-41237

---

_Dashboard configuration: `config/ui/dashboards/available/iso27001.yaml` (FR-ISO-DASH-01)._