Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2004-0174
Apache 1.4.x prior to 1.3.30, and 2.0.x prior to 2.0.49, when using multiple listening sockets on certain platforms, allows remote malicious users to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."...
Apache Http Server
NA
CVE-2013-2249
mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server prior to 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
Apache Http Server
NA
CVE-2003-0789
mod_cgid in Apache prior to 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
Apache Http Server
NA
CVE-1999-1199
Apache WWW server 1.3.1 and previous versions allows remote malicious users to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
Apache Http Server
NA
CVE-1999-1237
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote malicious users to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
Apache Http Server -
NA
CVE-1999-1293
mod_proxy in Apache 1.2.5 and previous versions allows remote malicious users to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
Apache Http Server
7.5
CVSSv3
CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and previous versions.
Apache Http Server
NA
CVE-2007-0086
The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this i...
Apache Http Server -
2 Github repositories
1 Article
NA
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
6.1
CVSSv3
CVE-2019-10098
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
Apache Http Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »