Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http_server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2001-0766
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote malicious users to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
Apache Http Server 1.3.14
1 EDB exploit
7.5
CVSSv3
CVE-2023-26281
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
Ibm Http Server 8.5.0.0
7.5
CVSSv3
CVE-2021-27186
Fluent Bit 1.6.10 has a NULL pointer dereference when an flb_malloc return value is not validated by flb_avro.c or http_server/api/v1/metrics.c.
Treasuredata Fluent Bit 1.6.10
7.5
CVSSv3
CVE-2019-15600
A Path traversal exists in http_server which allows an malicious user to read arbitrary system files.
Http Server Project Http Server 1.0.12
7.5
CVSSv3
CVE-2019-0190
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSS...
Apache Http Server 2.4.37
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
2 Github repositories
6.1
CVSSv3
CVE-2014-125098
A vulnerability was found in Dart http_server up to 0.9.5 and classified as problematic. Affected by this issue is the function VirtualDirectory of the file lib/src/virtual_directory.dart of the component Directory Listing Handler. The manipulation of the argument request.uri.pat...
Dart Http Server
5.5
CVSSv3
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache Http Server
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Netapp Cloud Backup -
5.3
CVSSv3
CVE-2022-28330
Apache HTTP Server 2.4.53 and previous versions on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
Apache Http Server
NA
CVE-2010-2791
mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote malicious users to obtain a potentially sensitive response intended for a diff...
Apache Http Server 2.2.9
NA
CVE-2010-2068
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 up to and including 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote malicious user...
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.3.4
Apache Http Server 2.3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »