Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache http server 2.2.19 vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2012-0021
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a...
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
2 Github repositories available
5
CVSSv2
CVE-2012-4557
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request....
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
2 Github repositories available
5.1
CVSSv2
CVE-2013-1862
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
4 Github repositories available
4.3
CVSSv2
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
4 Github repositories available
4.3
CVSSv2
CVE-2012-0053
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2)...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
1 EDB exploit available
11 Github repositories available
5
CVSSv2
CVE-2014-0231
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor....
Apache Http Server -
Apache Http Server 2.2.0
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
Apache Http Server 2.2.25
Apache Http Server 2.2.26
Apache Http Server 2.2.27
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server
7 Github repositories available
4.3
CVSSv2
CVE-2013-1896
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn...
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server
6 Github repositories available
2.6
CVSSv2
CVE-2012-2687
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or...
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
4 Github repositories available
7.5
CVSSv2
CVE-2017-3167
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed....
Apache Http Server 2.2.0
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
Apache Http Server 2.2.25
Apache Http Server 2.2.26
Apache Http Server 2.2.27
Apache Http Server 2.2.29
Apache Http Server 2.2.30
Apache Http Server 2.2.31
Apache Http Server 2.2.32
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.16
Apache Http Server 2.4.17
Apache Http Server 2.4.18
Apache Http Server 2.4.20
Apache Http Server 2.4.23
Apache Http Server 2.4.25
3 Github repositories available
7.5
CVSSv2
CVE-2017-3169
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port....
Apache Http Server 2.2.0
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.2.16
Apache Http Server 2.2.17
Apache Http Server 2.2.18
Apache Http Server 2.2.19
Apache Http Server 2.2.20
Apache Http Server 2.2.21
Apache Http Server 2.2.22
Apache Http Server 2.2.23
Apache Http Server 2.2.24
Apache Http Server 2.2.25
Apache Http Server 2.2.26
Apache Http Server 2.2.27
Apache Http Server 2.2.29
Apache Http Server 2.2.30
Apache Http Server 2.2.31
Apache Http Server 2.2.32
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.16
Apache Http Server 2.4.17
Apache Http Server 2.4.18
Apache Http Server 2.4.20
Apache Http Server 2.4.23
Apache Http Server 2.4.25
3 Github repositories available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary code
CVE-2020-36079
microfocus
CVE-2021-26561
CVE-2021-21972
NULL pointer dereference
CVE-2021-25281
deserialization
solutions business manager
CVE-2020-28243
CVE-2020-27618
1
2
3
NEXT »