Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.2.3 vulnerabilities and exploits
(subscribe to this query)
447
VMScore
CVE-2009-3095
The mod_proxy_ftp module in the Apache HTTP Server allows remote malicious users to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certa...
Apache Http Server
Fedoraproject Fedora 10
Fedoraproject Fedora 12
Debian Debian Linux 4.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 11
Apple Mac Os X
445
VMScore
CVE-2011-3607
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvI...
Apache Http Server 2.0.42
Apache Http Server 2.0.64
Apache Http Server 2.0.58
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.57
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.63
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.34
Apache Http Server 2.0.61
1 EDB exploit
445
VMScore
CVE-2010-0408
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x prior to 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote malicious users to cause a denial of service (backend ser...
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.9
Apache Http Server 2.2.12
Apache Http Server 2.2.3
440
VMScore
CVE-2009-1195
The Apache HTTP Server 2.2.11 and previous versions 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC ...
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.8
Apache Http Server 2.2.7
Apache Http Server 2.2.9
Apache Http Server 2.2.3
Apache Http Server 2.2.1
435
VMScore
CVE-2011-3639
The mod_proxy module in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x prior to 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse pro...
Apache Http Server 2.0.42
Apache Http Server 2.0.58
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.27
Apache Http Server 2.2.2
Apache Http Server 2.0.12
Apache Http Server 2.0.20
Apache Http Server2.0a9
Apache Http Server 2.2.4
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.2.17
Apache Http Server 2.0.44
Apache Http Server 2.2.16
Apache Http Server 2.0.39
1 EDB exploit
435
VMScore
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
435
VMScore
CVE-2008-2168
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Apache Http Server 2.0.28
Apache Http Server 2.0
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.48
Apache Http Server 2.0.49
Apache Http Server 2.0.56
Apache Http Server 2.0.57
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.0.34
Apache Http Server 2.0.42
Apache Http Server 2.0.43
Apache Http Server 2.0.50
Apache Http Server 2.0.51
Apache Http Server 2.0.58
Apache Http Server 2.0.59
1 EDB exploit
435
VMScore
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components...
Apache Http Server 2.0.51
Apache Http Server 2.0.52
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.0.46
Apache Http Server 2.0.53
Apache Http Server 2.0.54
Apache Http Server 2.0.55
Apache Http Server 2.1.4
Apache Http Server 2.1.5
Apache Http Server 2.2.4
Apache Http Server 2.0.47
Apache Http Server 2.0.48
Apache Http Server 2.0.57
Apache Http Server 2.0.58
Apache Http Server 2.1.6
Apache Http Server 2.1.7
Apache Http Server 2.0.49
Apache Http Server 2.0.50
Apache Http Server 2.0.59
1 EDB exploit
435
VMScore
CVE-2006-4110
Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive fil...
Apache Http Server 2.2.3
Apache Http Server 2.0.58
Apache Http Server 2.2.2
1 EDB exploit
392
VMScore
CVE-2007-1743
suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, c...
Apache Http Server 2.2.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »