Thursday , June 11 2026
apache

multiple vulnerabilities found in apache HTTP server

infosecbulletin Tuesday , July 2 2024 Vulnerabilities

The Apache Software Foundation has found multiple security issues in the widely used Apache HTTP Server. These vulnerabilities could lead to denial-of-service attacks, remote code execution, and unauthorized access, putting many websites at risk of cyberattacks.

CVE-2024-36387 to CVE-2024-39573 are vulnerabilities in Apache HTTP Server’s components like mod_proxy, mod_rewrite, and core functionalities. Some of the most serious issues are:

Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered

By infosecbulletin / Wednesday , June 10 2026
Cybersecurity experts found several serious flaws this week in Windows, Chromium, OpenSSL, Microsoft Exchange, and ServiceNow. Some of these flaws...
Read More
Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered

73 Microsoft Packages Compromised in Password Stealer Attack

By infosecbulletin / Wednesday , June 10 2026
GitHub disabled 73 repositories in four Microsoft groups: Azure, Azure-Samples, Microsoft, and MicrosoftDocs. Each repo now shows GitHub’s “This repository...
Read More
73 Microsoft Packages Compromised in Password Stealer Attack

New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges

By infosecbulletin / Wednesday , June 10 2026
A security expert shared a new Microsoft Defender vulnerability called "RoguePlanet" only hours after Microsoft fixed two earlier problems in...
Read More
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges

Microsoft June Patches 200 Vulnerabilities including 3 zero days

By infosecbulletin / Wednesday , June 10 2026
Microsoft's June 2026 Patch Tuesday updates fix about 200 security flaws found in the company's products. None of the flaws fixed...
Read More
Microsoft June Patches 200 Vulnerabilities including 3 zero days

World’s first wind power underwater data center is now live

By infosecbulletin / Tuesday , June 9 2026
The first business underwater data center run by offshore wind has started working near Shanghai. Submerged 10 metres under the...
Read More
World’s first wind power underwater data center is now live

VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts

By infosecbulletin / Tuesday , June 9 2026
Broadcom has revealed three stored cross-site scripting (XSS) flaws that affect VMware Cloud Foundation Operations and some other products. They...
Read More
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts

CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild 

By infosecbulletin / Tuesday , June 9 2026
Check Point Research found that CVE-2026-50751, a serious flaw in Check Point Remote Access VPN and Mobile Access, is being...
Read More
CVE-2026-50751 Check Point VPN 0-day Flaw Exploited in the Wild 

AI-designed First ‘universal vaccine’ tested in humans

By infosecbulletin / Monday , June 8 2026
AI helped to make a new kind of vaccine that can protect people from many types of viruses and stop...
Read More
AI-designed First ‘universal vaccine’ tested in humans

China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%

By infosecbulletin / Sunday , June 7 2026
The world's first prefabricated computing power center base officially began operation on Saturday in Qingdao City, east China's Shandong Province,...
Read More
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%

Hacker now exploits recently patched SolarWinds Serv-U flaw

By infosecbulletin / Saturday , June 6 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that hackers are using a newly fixed serious SolarWinds Serv-U...
Read More
Hacker now exploits recently patched SolarWinds Serv-U flaw

CVE-2024-38472 (Important): Server-Side Request Forgery (SSRF) vulnerability on Windows systems, potentially leaking sensitive NTML hashes.

CVE-2024-38474 (Important): Code execution and source disclosure via encoded question marks in backreferences.

CVE-2024-38475 (Important): Unauthorized access to filesystem locations through improper escaping in mod_rewrite.

CVE-2024-38476 (Important): Information disclosure, SSRF, or local script execution via malicious backend application output.

These vulnerabilities could let attackers crash servers, bypass authentication, steal sensitive data, or take control of affected systems. Upgrade to Apache Software Foundation version 2.4.60 to fix reported vulnerabilities. Organizations that don’t update their software on time may suffer from website crashes, data leaks, and money losses.

Additionally, organizations should:

Check and adjust settings, especially for mod_proxy and mod_rewrite, to prevent issues. Keep an eye on logs for any unusual activity or unauthorized access attempts. Consider using a web application firewall (WAF) to filter out harmful traffic and reduce the risk of attacks.

Check Also

flaw

Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass

Trend Micro’s Deep Security Agent for Linux has a design flaw. This issue lets a …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin