Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-3624
Apache Traffic Server 5.1.x prior to 5.1.1 allows remote malicious users to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
Apache Traffic Server 5.1.0
9.8
CVSSv3
CVE-2015-5168
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x prior to 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.
Apache Traffic Server 5.3.1
Apache Traffic Server 5.3.0
9.8
CVSSv3
CVE-2015-5206
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server prior to 5.3.x prior to 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.
Apache Traffic Server 5.3.1
Apache Traffic Server 5.3.0
9.1
CVSSv3
CVE-2023-33934
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: up to and including 9.2.1.
Apache Traffic Server
9.1
CVSSv3
CVE-2017-9788
In Apache httpd prior to 2.2.34 and 2.4.x prior to 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '...
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Apple Mac Os X
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
1 Github repository
9.1
CVSSv3
CVE-2016-4694
The Apache HTTP Server in Apple OS X prior to 10.12 and OS X Server prior to 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote malicious u...
Apple Os X Server
Apple Mac Os X
8.6
CVSSv3
CVE-2017-5660
There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.
Apache Traffic Server
Apache Traffic Server 7.0.0
Apache Traffic Server 6.2.1
Apache Traffic Server 6.2.2
Debian Debian Linux 9.0
8.6
CVSSv3
CVE-2017-6062
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module prior to 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote mali...
Openidc Mod Auth Openidc
8.6
CVSSv3
CVE-2017-6413
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module prior to 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote malicious...
Openidc Mod Auth Openidc
8.1
CVSSv3
CVE-2023-25195
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 up to and inclu...
Apache Fineract
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »