Sec Feed Reader

Generated 2026-05-15 02:12 UTC · 1280 Eintraege in der DB · 33/33 aktive Quellen · Letzter Fetch: 2026-05-15 01:45 UTC · Naechster Fetch (ca.): 2026-05-15 02:45 UTC (Intervall: 3600 s)

1d 3d 7d 30d 60d 90d 180d

Zeitraum · Angewandt auf Veroeffentlichungsdatum (Fallback: Importdatum)

All (398) crit (1) high (139) med (112) low (9) — (137)

Mehr Quellen, Kategorien und Sortierung: Filter / Erweitert · CVE-Archiv: CVEs

Recent entries

398 Treffer · 25 pro Seite · Seite 1 von 16.


2026-05-15	debian_pts_linux	A new upstream version is available: 7.1-rc3	—	—	—	package_tracker
2026-05-15	debian_pts_linux	14 bugs tagged patch in the BTS	—	—	—	package_tracker
2026-05-15	debian_pts_linux	Debci reports failed tests	—	—	—	package_tracker
2026-05-14	debian_pts_linux	Multiarch hinter reports 1 issue(s)	—	—	—	package_tracker
2026-05-14	bleeping_c	TeamPCP hackers advertise Mistral AI code repos for sale	—	—	—	security_news
2026-05-14	debian_pts_linux	Fails to build during reproducibility testing	—	—	—	package_tracker
2026-05-14	bleeping_c	Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin	—	—	—	security_news
2026-05-14	debian_pts_linux	version in VCS is newer than in repository, is it time to upload?	—	—	—	package_tracker
2026-05-14	apache_httpd_sec	CVE-1999-1199: A serious problem exists when a client sends a large number of headers with the same header name. Apache uses up memory faster than the amount of memory required to simply store the received data itself. That is, memory use increases faster and faster as more headers are received, rather than increasing at a constant rate. This makes a denial of service attack based on this method more effective than methods which cause Apache to use memory at a constant rate, since the attacker has to send less data.	—	CVE-1999-1199	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2000-1204: A security problem for users of the mass virtual hosting module, mod_vhost_alias, causes the source to a CGI to be sent if the cgi-bin directory is under the document root. However, it is not normal to have your cgi-bin directory under a document root.	—	CVE-2000-1204	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2000-1206: A security problem can occur for sites using mass name-based virtual hosting (using the new mod_vhost_alias module) or with special mod_rewrite rules.	—	CVE-2000-1206	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2022-28614: The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the "ap_rputs" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.	—	CVE-2022-28614	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2002-0061: Apache for Win32 before 1.3.24 and 2.0.34-beta allows remote attackers to execute arbitrary commands via parameters passed to batch file CGI scripts.	—	CVE-2002-0061	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2000-0505: A security hole on Apache for Windows allows a user to view the listing of a directory instead of the default HTML page by sending a carefully constructed request.	—	CVE-2000-0505	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2000-1205: Apache was vulnerable to cross site scripting issues. It was shown that malicious HTML tags can be embedded in client web requests if the server or script handling the request does not carefully encode all information displayed to the user. Using these vulnerabilities attackers could, for example, obtain copies of your private cookies used to authenticate you to other sites.	—	CVE-2000-1205	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2002-1156: In Apache 2.0.42 only, for a location where both WebDAV and CGI were enabled, a POST request to a CGI script would reveal the CGI source to a remote user.	—	CVE-2002-1156	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2001-1342: A vulnerability was found in the Win32 and OS2 ports of Apache 1.3. A client submitting a carefully constructed URI could cause a General Protection Fault in a child process, bringing up a message box which would have to be cleared by the operator to resume operation. This vulnerability introduced no identified means to compromise the server other than introducing a possible denial of service.	—	CVE-2001-1342	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2001-0925: The default installation can lead mod_negotiation and mod_dir or mod_autoindex to display a directory listing instead of the multiview index.html file if a very long path was created artificially by using many slashes.	—	CVE-2001-0925	—	vendor_advisory
2026-05-14	apache_httpd_sec	CVE-2005-2970: A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult.	—	CVE-2005-2970	—	vendor_advisory
2026-05-14	bleeping_c	Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks	—	CVE-2026-20182	—	security_news
2026-05-14	bleeping_c	OpenAI confirms security breach in TanStack supply chain attack	—	—	—	security_news
2026-05-14	bleeping_c	Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026	—	—	—	security_news
2026-05-14	thn_global	Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access	—	CVE-2026-20182	—	security_news
2026-05-14	thn_global	Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets	—	—	—	security_news
2026-05-14	debian_pts_linux	230 security issues in trixie	—	CVE-2013-7445 CVE-2018-12928 CVE-2019-15213 +227	—	package_tracker