Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4557
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 up to and including 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote malicious users to cause a denial of service (worker consumption) via an expensive r...
Apache Http Server 2.2.13
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.14
Apache Http Server 2.2.19
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.15
Apache Http Server 2.2.20
NA
CVE-2010-2068
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 up to and including 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote malicious user...
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
Apache Http Server 2.2.14
Apache Http Server 2.2.15
Apache Http Server 2.3.4
Apache Http Server 2.3.5
NA
CVE-2002-0661
Directory traversal vulnerability in Apache 2.0 up to and including 2.0.39 on Windows, OS2, and Netware allows remote malicious users to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
Apache Http Server 2.0.28
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.39
Apache Http Server 2.0.38
Apache Http Server 2.0.36
Apache Http Server 2.0
1 EDB exploit
NA
CVE-2009-1195
The Apache HTTP Server 2.2.11 and previous versions 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC ...
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.8
Apache Http Server 2.2.7
Apache Http Server 2.2.9
Apache Http Server 2.2.3
Apache Http Server 2.2.1
NA
CVE-2002-0654
Apache 2.0 up to and including 2.0.39 on Windows, OS2, and Netware allows remote malicious users to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a...
Apache Http Server 2.0.28
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.39
Apache Http Server 2.0.38
Apache Http Server 2.0.36
Apache Http Server 2.0
1 EDB exploit
NA
CVE-2003-0245
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 up to and including 2.0.45 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML ...
Apache Http Server 2.0.42
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.38
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.43
1 EDB exploit
NA
CVE-1999-0107
Buffer overflow in Apache 1.2.5 and previous versions allows a remote malicious user to cause a denial of service with a large number of GET requests containing a large number of / characters.
Apache Http Server 1.0.5
Apache Http Server 0.8.11
Apache Http Server 1.1.1
Apache Http Server 1.0.2
Apache Http Server 1.1
Apache Http Server 1.2.5
Apache Http Server 1.0
Apache Http Server 1.0.3
Apache Http Server 0.8.14
1 EDB exploit
NA
CVE-2004-2381
HttpRequest.java in Jetty HTTP Server prior to 4.2.19 allows remote malicious users to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
Jetty Jetty Http Server 4.1.0 Rc4
Jetty Jetty Http Server 4.0.b2
Jetty Jetty Http Server 4.0 Rc2
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.10
Jetty Jetty Http Server 4.1.b0
Jetty Jetty Http Server 4.1.0 Rc5
Jetty Jetty Http Server 4.0.d2
Jetty Jetty Http Server 4.1.d1
Jetty Jetty Http Server 4.2.3
Jetty Jetty Http Server 4.1.3
Jetty Jetty Http Server 4.0.2
Jetty Jetty Http Server 4.0 Rc1
Jetty Jetty Http Server 4.2.9 Rc1
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.1.0 Rc2
Jetty Jetty Http Server 4.0.1 Rc2
Jetty Jetty Http Server 4.2.9 Rc2
Jetty Jetty Http Server 4.2.7
Jetty Jetty Http Server 4.0.d1
Jetty Jetty Http Server 4.0.b1
Jetty Jetty Http Server 4.2.18
5.4
CVSSv3
CVE-2019-5457
Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Min-http-server Project Min-http-server 1.0.4
Min-http-server Project Min-http-server 1.0.2
Min-http-server Project Min-http-server 1.0.0
Min-http-server Project Min-http-server 1.0.6
NA
CVE-2003-0016
Apache prior to 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote malicious users to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
Apache Http Server 2.0.42
Apache Http Server 2.0.37
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.38
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.43
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »