Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an an-httpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1598
AN HTTPD 1.42n, and possibly other versions prior to 1.42p, allows remote malicious users to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension.
An An-httpd 1.41c
An An-httpd
An An-httpd 1.39
An An-httpd 1.40
An An-httpd 1.41
An An-httpd 1.41b
An An-httpd 1.2b
An An-httpd 1.38
NA
CVE-2002-1930
Buffer overflow in AN HTTPd 1.38 up to and including 1.4.1c allows remote malicious users to execute arbitrary code via a SOCKS4 request with a long username.
An An-httpd 1.38
An An-httpd 1.39
An An-httpd 1.41
An An-httpd 1.41c
An An-httpd 1.40
An An-httpd 1.41b
1 EDB exploit
NA
CVE-1999-0947
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote malicious users to execute commands via shell metacharacters.
An An-httpd 1.2b
1 EDB exploit
NA
CVE-2005-1086
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote malicious users to execute arbitrary code via an HTTP request with a long User-Agent header.
An An-httpd 1.42n
1 EDB exploit
NA
CVE-2005-1087
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote malicious users to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.
An An-httpd 1.42n
1 EDB exploit
NA
CVE-2002-2378
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote malicious users to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
Nakata An Httpd 1.41d
NA
CVE-2003-1271
Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote malicious users to execute arbitrary web script or HTML as other users via a URL containing the script.
An An-http 1.41e
1 EDB exploit
NA
CVE-2014-8109
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x up to and including 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote malicious user...
Apache Http Server 2.4.1
Apache Http Server 2.4.6
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.10
Apache Http Server 2.4.7
Apache Http Server 2.4.2
Apache Http Server 2.4.9
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 21
Oracle Enterprise Manager Ops Center 12.2.1
Oracle Enterprise Manager Ops Center 12.3.0
Oracle Enterprise Manager Ops Center 12.2.0
Oracle Enterprise Manager Ops Center
7.5
CVSSv3
CVE-2022-22719
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and previous versions.
Apache Http Server
Debian Debian Linux 9.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
9.1
CVSSv3
CVE-2022-22721
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »