Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-23916
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of a...
Haxx Curl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Clustered Data Ontap -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.9
CVSSv3
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
5.1
CVSSv3
CVE-2016-0702
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a c...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
1 Github repository
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2014-6278
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feat...
Gnu Bash 1.14.5
Gnu Bash 1.14.6
Gnu Bash 2.03
Gnu Bash 2.04
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.1
Gnu Bash 1.14.2
Gnu Bash 2.01
Gnu Bash 2.01.1
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.2
Gnu Bash 4.3
Gnu Bash 1.14.0
Gnu Bash 1.14.7
Gnu Bash 2.0
Gnu Bash 2.05
Gnu Bash 4.1
Gnu Bash 1.14.3
Gnu Bash 1.14.4
Gnu Bash 2.02
5 EDB exploits
12 Github repositories
NA
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2
Gnu Bash 1.14.3
Gnu Bash 2.01.1
Gnu Bash 2.02
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.3
Gnu Bash 1.14.6
Gnu Bash 1.14.7
Gnu Bash 2.04
Gnu Bash 2.05
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.0
Gnu Bash 1.14.1
Gnu Bash 2.0
Gnu Bash 2.01
Gnu Bash 4.1
Gnu Bash 4.2
Gnu Bash 1.14.4
Gnu Bash 1.14.5
Gnu Bash 2.02.1
3 EDB exploits
4 Github repositories
NA
CVE-2014-0848
The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 prior to 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms via a brute-force a...
Ibm Netezza Performance Portal 2.0.0.1
Ibm Netezza Performance Portal 2.0.0.3
Ibm Netezza Performance Portal 2.0.0.2
Ibm Netezza Performance Portal 2.0.0.0
NA
CVE-2013-4365
Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module prior to 2.3.9 for the Apache HTTP Server allows remote malicious users to have an unspecified impact via unknown vectors.
Apache Mod Fcgid
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Suse Cloud 2.0
Suse Cloud 1.0
NA
CVE-2012-0876
The XML parser (xmlparse.c) in expat prior to 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via an XML file with many identifiers wit...
Libexpat Project Libexpat
Python Python
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
NA
CVE-2012-0256
Apache Traffic Server 2.0.x and 3.0.x prior to 3.0.4 and 3.1.x prior to 3.1.3 does not properly allocate heap memory, which allows remote malicious users to cause a denial of service (daemon crash) via a long HTTP Host header.
Apache Traffic Server 3.1.1
Apache Traffic Server 3.1.0
Apache Traffic Server 2.1.7
Apache Traffic Server 2.1.6
Apache Traffic Server 2.0.1
Apache Traffic Server 2.0.0
Apache Traffic Server 3.0.3
Apache Traffic Server 3.0.2
Apache Traffic Server 2.1.5
Apache Traffic Server 2.1.4
Apache Traffic Server 3.0.1
Apache Traffic Server 3.0.0
Apache Traffic Server 2.1.3
Apache Traffic Server 2.1.2
Apache Traffic Server 3.1.2
Apache Traffic Server 2.1.9
Apache Traffic Server 2.1.8
Apache Traffic Server 2.1.1
Apache Traffic Server 2.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »