Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1125
Oracle Webserver 2.1 and previous versions runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration f...
Oracle Http Server
Oracle Http Server 1.0
9.8
CVSSv3
CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is.
Http-server-node Project Http-server-node
NA
CVE-2008-0338
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote malicious users to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.
Miniweb Http Server Miniweb Http Server 0.8.19
1 EDB exploit
NA
CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote malicious users to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large number...
Trustix Secure Linux 2.0
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Gentoo Linux 1.4
Trustix Secure Linux 2.1
Apache Http Server 2.0.47
Ibm Http Server 2.0.42.1
Avaya S8300 R2.0.0
Apache Http Server 2.0.49
Ibm Http Server 2.0.42
Ibm Http Server 2.0.47.1
Apache Http Server 2.0.48
Ibm Http Server 2.0.42.2
Avaya S8700 R2.0.0
Avaya S8500 R2.0.0
Ibm Http Server 2.0.47
2 EDB exploits
3.7
CVSSv3
CVE-2016-3482
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 and 12.1.3.0 allows remote malicious users to affect confidentiality via vectors related to SSL/TLS Module.
Oracle Http Server 12.1.3.0
Oracle Http Server 11.1.1.9
8.1
CVSSv3
CVE-2021-40668
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
Http File Server Project Http File Server 1.4.1
7.5
CVSSv3
CVE-2002-1850
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote malicious users to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI...
Apache Http Server 2.0.39
Apache Http Server 2.0.40
1 EDB exploit
7.1
CVSSv3
CVE-2022-21593
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
5.9
CVSSv3
CVE-2018-2760
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). Supported versions that are affected are 12.1.3 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise ...
Oracle Http Server 12.1.3
Oracle Http Server 12.2.1.2
7.5
CVSSv3
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote malicious users to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Miniweb Http Server Project Miniweb Http Server 0.8.19
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »