Vulmon
ibm http server 2.0 vulnerabilities and exploits
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed another room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
7.5 CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
NA
CVE-2014-3092
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x prior to 3.0.1.6 iFix 3, 4.x prior to 4.0.7, and 5.x prior to 5.0.1; and other Rational products, does not set the secure flag for the session cookie in an https session, wh...
Ibm Rational Quality Manager 2.0.0.2
Ibm Rational Quality Manager 2.0.1
Ibm Rational Quality Manager 3.0.1.4
Ibm Rational Quality Manager 3.0.1.5
Ibm Rational Quality Manager 4.0.3
Ibm Rational Quality Manager 4.0.4
Ibm Rational Quality Manager 4.0.5
Ibm Rational Team Concert 3.0.1
Ibm Rational Team Concert 3.0.1.1
Ibm Rational Team Concert 4.0.0.1
Ibm Rational Team Concert 4.0.0.2
Ibm Rational Requirements Composer 2.0
Ibm Rational Requirements Composer 2.0.0.1
Ibm Rational Requirements Composer 3.0.1.2
Ibm Rational Requirements Composer 3.0.1.3
Ibm Rational Requirements Composer 4.0.0.2
Ibm Rational Requirements Composer 4.0.1
Ibm Rational Doors Next Generation 4.0.2
Ibm Rational Doors Next Generation 4.0.3
Ibm Rational Engineering Lifecycle Manager 4.03
Ibm Rational Engineering Lifecycle Manager 4.04
Ibm Rational Quality Manager 3.0.1
NA
CVE-2014-0848
The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 prior to 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms via a brute-force a...
Ibm Netezza Performance Portal 2.0.0.1
Ibm Netezza Performance Portal 2.0.0.3
Ibm Netezza Performance Portal 2.0.0.2
Ibm Netezza Performance Portal 2.0.0.0
NA
CVE-2011-5035
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allo...
Oracle Glassfish Server
Oracle Glassfish Server 2.1.1
Oracle Glassfish Server 3.0.1
1 EDB exploit
NA
CVE-2011-1360
Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and previous versions, as used in WebSphere Application Server and other products, allow remote malicious users to inject arbitrary web script or HTML via vectors involving unspecified documentation fil...
Ibm Http Server 1.3.19.6
Ibm Http Server 1.3.19.5
Ibm Http Server 1.3.26
Ibm Http Server 1.3.19
Ibm Http Server 1.3.19.4
Ibm Http Server 1.3.26.2
Ibm Http Server 1.3.12.2
Ibm Http Server
Ibm Http Server 1.3.12
Ibm Http Server 1.3.12.7
Ibm Http Server 1.3.28
Ibm Http Server 1.3.6.3
Ibm Http Server 2.0.42.2
Ibm Http Server 2.0.42.1
Ibm Http Server 2.0.42
Ibm Http Server 1.3.12.6
Ibm Http Server 1.3.28.1
Ibm Http Server 1.0
Ibm Http Server 1.3.26.1
Ibm Http Server 2.0
NA
CVE-2011-1316
The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) prior to 7.0.0.15 allows remote malicious users to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages.
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 5.1.1.15
Ibm Websphere Application Server 5.1.1.11
Ibm Websphere Application Server 6.0.2.6
Ibm Websphere Application Server 6.0.2.5
Ibm Websphere Application Server 6.0
Ibm Websphere Application Server 6.0.0.1
Ibm Websphere Application Server 5.1.1.8
Ibm Websphere Application Server 5.1.1.9
Ibm Websphere Application Server 6.0.1
Ibm Websphere Application Server 5.1.0.5
Ibm Websphere Application Server 6.0.1.15
Ibm Websphere Application Server 5.1.1.10
Ibm Websphere Application Server 6.0.1.17
Ibm Websphere Application Server 5.0.2.4
Ibm Websphere Application Server 5.0.2.13
Ibm Websphere Application Server 5.0.2.14
Ibm Websphere Application Server 5.0.2.15
Ibm Websphere Application Server 6.0.1.13
NA
CVE-2010-1632
Apache Axis2 prior to 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 up to and including 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 up to and including 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geroni...
Apache Axis2 1.4
Apache Axis2 1.3
Apache Axis2 1.4.1
Apache Axis2 1.5
Apache Axis2
NA
CVE-2006-3918
http_protocol.c in (1) IBM HTTP Server 6.0 prior to 6.0.2.13 and 6.1 prior to 6.1.0.1, and (2) Apache HTTP Server 1.3 prior to 1.3.35, 2.0 prior to 2.0.58, and 2.2 prior to 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error messa...
Apache Http Server
Debian Debian Linux 3.1
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
NA
CVE-2004-0263
PHP 4.3.4 and previous versions in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote malicious users to obtain sensitive information.
Apache Http Server 1.0.3
Apache Http Server 1.0.5
Apache Http Server 1.3.11
Apache Http Server 1.3.12
Apache Http Server 1.2
Apache Http Server 1.2.5
Apache Http Server 1.3.18
Apache Http Server 1.3.19
Apache Http Server 1.3.20
Apache Http Server 1.3.28
Apache Http Server 1.3.29
Apache Http Server 2.0.28
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.9
Ibm Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.25
Apache Http Server 1.3.6
Apache Http Server 1.3.7
Apache Http Server 2.0.36
Apache Http Server 2.0.37