Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0189
The authentication module for Apache 2.0.40 up to and including 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote malicious users to cause a denial of service (failed Basic authentication with valid usernames and...
Apache Http Server 2.0.42
Apache Http Server 2.0.44
Apache Http Server 2.0.41
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.43
NA
CVE-2003-1418
Apache HTTP Server 1.3.22 up to and including 1.3.27 on OpenBSD allows remote malicious users to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
Apache Http Server 1.3.24
Apache Http Server 1.3.25
Apache Http Server 1.3.26
Apache Http Server 1.3.27
Apache Http Server 1.3.22
Apache Http Server 1.3.23
1 Github repository
NA
CVE-2002-0840
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 prior to 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote malicious users to execute script as other web page visitors v...
Apache Http Server 2.0.42
Oracle Application Server 9.0.2.1
Apache Http Server 1.3.23
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle8i 8.1.7 .0.0 Enterprise
Oracle Database Server 8.1.7
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Oracle Oracle9i 9.0
Apache Http Server 1.3.19
Oracle Database Server 9.2.1
Apache Http Server 2.0.39
Apache Http Server 1.3.24
Oracle Application Server 9.0.2
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Apache Http Server 2.0.41
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
1 EDB exploit
NA
CVE-2012-0021
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 up to and including 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote malicious users to cause a denial of service (daem...
Apache Http Server 2.2.17
Apache Http Server 2.2.21
Apache Http Server 2.2.19
Apache Http Server 2.2.18
Apache Http Server 2.2.20
NA
CVE-2002-0843
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache prior to 1.3.27, and Apache 2.x prior to 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
Oracle Application Server 9.0.2.1
Apache Http Server 1.3.23
Oracle Oracle8i 8.1.7.0.0 Enterprise
Oracle Database Server 8.1.7
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Oracle Application Server 9.0.2
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Oracle Application Server 1.0.2.1s
Apache Http Server 1.3
Apache Http Server 1.3.12
Apache Http Server 1.3.3
Apache Http Server 1.3.17
Apache Http Server 1.3.26
Apache Http Server 1.3.9
NA
CVE-2002-1592
The ap_log_rerror function in Apache 2.0 up to and including 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote malicious users to obtain sensitive information.
Apache Http Server 2.0.35
Apache Http Server 2.0.32
Apache Http Server 2.0.28
Apache Http Server 2.0
NA
CVE-2000-0505
The Apache 1.3.x HTTP server for Windows platforms allows remote malicious users to list directory contents by requesting a URL containing a large number of / characters.
Apache Http Server 1.3.9
Apache Http Server 1.3.11
Ibm Http Server 1.3.3
Ibm Http Server 1.3.6.2
Apache Http Server 1.3.6
Apache Http Server 1.3.12
1 EDB exploit
NA
CVE-2001-1449
The default installation of Apache prior to 1.3.19 on Mandrake Linux 7.1 up to and including 8.0 and Linux Corporate Server 1.0.1 allows remote malicious users to list the directory index of arbitrary web directories.
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.6
Apache Http Server 1.3.9
Apache Http Server 1.3.12
Apache Http Server 1.3.14
Mandrakesoft Mandrake Single Network Firewall 7.2
Apache Http Server 1.3.17
Apache Http Server 1.3.18
Apache Http Server 1.3
Apache Http Server 1.3.3
Apache Http Server 1.3.4
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux 7.3
Mandrakesoft Mandrake Linux 8.0
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
NA
CVE-1999-0045
List of arbitrary files on Web host via nph-test-cgi script.
Netscape Communications Server 1.1
Apache Http Server 1.0.5
Apache Http Server 0.8.11
Netscape Enterprise Server 2.0a
Apache Http Server 1.0.2
Apache Http Server 1.1
Apache Http Server 1.0
Apache Http Server 1.0.3
Apache Http Server 0.8.14
Netscape Communications Server 1.12
Netscape Commerce Server 1.12
1 EDB exploit
NA
CVE-2002-0257
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote malicious users to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRE...
Apache Http Server 1.3.22
Usanet Creations Makebid Auction Deluxe 3.30
Apache Http Server 1.3.19
Apache Http Server 1.3.20
Apache Http Server 1.3.17
Apache Http Server 1.3.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »