Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.4.37 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-22720
Apache HTTP Server 2.4.52 and previous versions fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
9.8
CVSSv3
CVE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
7 Github repositories
9.1
CVSSv3
CVE-2019-10082
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
Apache Http Server
Oracle Retail Xstore Point Of Service 7.1
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.1.0
Oracle Communications Element Manager 8.0.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
8.8
CVSSv3
CVE-2021-3518
There's a flaw in libxml2 in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...
Xmlsoft Libxml2
Debian Debian Linux 9.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
Oracle Real User Experience Insight 13.5.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
8.6
CVSSv3
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
7.8
CVSSv3
CVE-2021-3516
There's a flaw in libxml2's xmllint in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
Xmlsoft Xmllint
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Oracle Zfs Storage Appliance Kit 8.8
7.8
CVSSv3
CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent ...
Apache Http Server
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 15.0
1 EDB exploit
7 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
7.5
CVSSv3
CVE-2022-23308
valid.c in libxml2 prior to 2.9.13 has a use-after-free of ID and IDREF attributes.
Xmlsoft Libxml2
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Apple Mac Os X 10.15.7
Apple Mac Os X
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Macos
Netapp Snapdrive -
Netapp Snapmanager -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
7.5
CVSSv3
CVE-2020-11993
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "in...
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »