Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache apache http server 2.4.4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-0226
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers...
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server
1 EDB exploit available
4 Github repositories available
5
CVSSv2
CVE-2014-3581
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header....
Apache Apache Http Server 2.4.0
Apache Apache Http Server 2.4.1
Apache Apache Http Server 2.4.2
Apache Apache Http Server 2.4.3
Apache Apache Http Server 2.4.4
Apache Apache Http Server 2.4.5
Apache Apache Http Server 2.4.6
Apache Apache Http Server 2.4.7
Apache Apache Http Server 2.4.8
Apache Apache Http Server 2.4.9
Apache Apache Http Server
5
CVSSv2
CVE-2016-8743
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or...
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.16
Apache Http Server 2.4.17
Apache Http Server 2.4.18
Apache Http Server 2.4.20
Apache Http Server 2.4.23
4.3
CVSSv2
CVE-2014-0118
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses...
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server
1 Github repository available
5
CVSSv2
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through...
Apache Http Server
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.16
Apache Http Server 2.4.17
Apache Http Server 2.4.18
Apache Http Server 2.4.20
Apache Http Server 2.4.23
Apache Http Server 2.4.25
Apache Http Server 2.4.26
Apache Http Server 2.4.27
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit available
1 Metasploit module available
10 Github repositories available
1 Article available
5
CVSSv2
CVE-2014-0231
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor....
Apache Http Server -
Apache Http Server 2.2.0
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
Apache Http Server 2.2.25
Apache Http Server 2.2.26
Apache Http Server 2.2.27
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server
7 Github repositories available
4.3
CVSSv2
CVE-2016-4975
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache...
Apache Http Server 2.2.0
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
Apache Http Server 2.2.25
Apache Http Server 2.2.26
Apache Http Server 2.2.27
Apache Http Server 2.2.29
Apache Http Server 2.2.31
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.16
Apache Http Server 2.4.17
Apache Http Server 2.4.18
Apache Http Server 2.4.20
Apache Http Server 2.4.23
4.3
CVSSv2
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
6 Github repositories available
4.3
CVSSv2
CVE-2015-3185
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.13
Apple Xcode 7.0
Apple Mac Os X 10.10.4
Apple Mac Os X Server 5.0.3
4.3
CVSSv2
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
7 Github repositories available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24027
open redirect
CVE-2021-30487
CVE-2021-28048
CVE-2021-23886
local file inclusion
CVE-2021-28483
log injection
CVE-2021-29448
Vulnerability Notification
Get Started
1
2
NEXT »
Vulmon
