Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian apache2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0216
The default configuration of the apache2 package in Debian GNU/Linux squeeze prior to 2.2.16-6+squeeze7, wheezy prior to 2.2.22-4, and sid prior to 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct c...
Debian Apache2
NA
CVE-2012-0053
protocol.c in the Apache HTTP Server 2.2.x up to and including 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote malicious users to obtain the values of HTTPOnly cookies via vectors involving a (...
Apache Http Server
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
Redhat Jboss Enterprise Web Server 1.0.0
1 EDB exploit
3 Github repositories
NA
CVE-2012-0031
scoreboard.c in the Apache HTTP Server 2.2.21 and previous versions might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading t...
Apache Http Server
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
1 EDB exploit
NA
CVE-2011-3192
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.19 allows remote malicious users to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as e...
Apache Http Server
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.4
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
2 EDB exploits
1 Nmap script
18 Github repositories
3 Articles
NA
CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library prior to 1.4.3 and the Apache HTTP Server prior to 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris...
Apache Portable Runtime
Apache Http Server
Netbsd Netbsd 5.1
Google Android
Freebsd Freebsd
Openbsd Openbsd 4.8
Apple Mac Os X 10.6.0
Oracle Solaris 10
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Suse Linux Enterprise Server 10
1 EDB exploit
2 Github repositories
NA
CVE-2011-1176
The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote malicious...
Mpm-itk Project Mpm-itk 2.2.11-01
Mpm-itk Project Mpm-itk 2.2.11-02
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Debian Debian Linux 7.0
NA
CVE-2010-4180
OpenSSL prior to 0.9.8q, and 1.0.x prior to 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the downgrade to an unintended cipher via vect...
Openssl Openssl
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.4
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
F5 Nginx
NA
CVE-2010-1452
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x prior to 2.2.16 allow remote malicious users to cause a denial of service (process crash) via a request that lacks a path.
Apache Http Server
NA
CVE-2010-0434
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x prior to 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote malic...
Apache Http Server
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 5.0
Debian Debian Linux 6.0
NA
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »