Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web s...
Apache Axis2 1.3
Apache Axis2 1.4
Apache Axis2 1.4.1
Apache Axis2 1.5
Apache Axis2 1.5.1
Apache Axis2 1.5.2
Apache Axis2 1.6
Sap Businessobjects 3.2
3 EDB exploits
1 Github repository
1000
VMScore
CVE-2010-0425
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 up to and including 2.0.63, 2.2.0 up to and including 2.2.14, and 2.3.x prior to 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISA...
Apache Http Server 2.3.0
Apache Http Server 2.3.1
Apache Http Server 2.3.2
Apache Http Server 2.3.3
Apache Http Server 2.3.4
Apache Http Server 2.3.5
Apache Http Server 2.3.6
Apache Http Server 2.0.9
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.35
Apache Http Server 2.0.36
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.42
Apache Http Server 2.0.43
Apache Http Server 2.0.44
Apache Http Server 2.0.45
2 EDB exploits
1000
VMScore
CVE-2009-4188
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote malicious users to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat s...
Hp Operations Dashboard
2 EDB exploits
1000
VMScore
CVE-2009-4189
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote malicious users to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servle...
Hp Operations Manager
1 EDB exploit
1000
VMScore
CVE-2009-3843
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote malicious users to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.H...
Hp Operations Manager 8.10
1 EDB exploit
2 Github repositories
1000
VMScore
CVE-2008-5457
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote malicious users to affect confidentiality, integrity, and availability via ...
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 9.2
2 EDB exploits
1000
VMScore
CVE-2008-4008
Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the ...
Oracle Bea Product Suite 6.1
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 9.2
1 EDB exploit
1000
VMScore
CVE-2008-3257
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and previous versions allows remote malicious users to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /....
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 4.5.2
Bea Weblogic Server 4.5.1
Bea Weblogic Server 7.0
Bea Weblogic Server 9.2
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 6.0
Bea Weblogic Server 5.1
Oracle Weblogic Server
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
Bea Systems Weblogic Server 10.0 Mp1
Bea Weblogic Server 4.0.4
Bea Systems Apache Connector In Weblogic Server
Bea Weblogic Server 4.0
2 EDB exploits
1 Github repository
1000
VMScore
CVE-2008-0457
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote malicious users to upload and execute arbitrary JSP files via unknown vector...
Symantec Backupexec System Recovery 7.0
Symantec Backupexec System Recovery 7.01
2 EDB exploits
1000
VMScore
CVE-2002-1361
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote malicious users to execute arbitrary code via a POST request with shell metacharacters in the email parameter.
Sun Cobalt Raq 4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »