Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-1072
Apache with mod_rewrite enabled on most UNIX systems allows remote malicious users to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
Apache Http Server 1.3.19
Apache Http Server 1.3.17
Apache Http Server 1.3.14
NA
CVE-2012-3502
The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x prior to 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remo...
Apache Http Server 2.4.1
Apache Http Server 2.4.0
Apache Http Server 2.4.2
NA
CVE-2006-4110
Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive fil...
Apache Http Server 2.0.58
Apache Http Server 2.2.2
Apache Http Server 2.2.3
1 EDB exploit
NA
CVE-2001-0925
The default installation of Apache prior to 1.3.19 allows remote malicious users to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2)...
Apache Http Server 1.3.12
Apache Http Server 1.3.17
Apache Http Server 1.3.14
Apache Http Server 1.3.11
Debian Debian Linux 2.2
4 EDB exploits
NA
CVE-2007-3008
Mbedthis AppWeb prior to 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398.
Mbedthis Software Mbedthis Appweb Http Server 2.0.2
Mbedthis Software Mbedthis Appweb Http Server 2.0.0
Mbedthis Software Mbedthis Appweb Http Server 2.1.0
Mbedthis Software Mbedthis Appweb Http Server 2.0.4
Mbedthis Software Mbedthis Appweb Http Server 2.2.0
Mbedthis Software Mbedthis Appweb Http Server 2.2.1
Mbedthis Software Mbedthis Appweb Http Server 2.0.5
Mbedthis Software Mbedthis Appweb Http Server 2.0.3
Mbedthis Software Mbedthis Appweb Http Server 2.1.1
Mbedthis Software Mbedthis Appweb Http Server 2.0.1
NA
CVE-2004-2213
Mbedthis AppWeb HTTP server prior to 1.1.3 allows remote malicious users to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request.
Mbedthis Software Mbedthis Appweb Http Server 1.0.2
Mbedthis Software Mbedthis Appweb Http Server 1.0.4
Mbedthis Software Mbedthis Appweb Http Server 1.0.1
Mbedthis Software Mbedthis Appweb Http Server 1.1.2
Mbedthis Software Mbedthis Appweb Http Server 1.1.1
Mbedthis Software Mbedthis Appweb Http Server 1.0.3
Mbedthis Software Mbedthis Appweb Http Server 1.1
Mbedthis Software Mbedthis Appweb Http Server 1.0
NA
CVE-2004-2317
Information leak in Mbedthis AppWeb HTTP server 1.0 up to and including 1.1.2 allows remote malicious users to obtain sensitive information via a user message that is generated when Mbedthis denies access.
Mbedthis Software Mbedthis Appweb Http Server 1.0.2
Mbedthis Software Mbedthis Appweb Http Server 1.0.4
Mbedthis Software Mbedthis Appweb Http Server 1.0.1
Mbedthis Software Mbedthis Appweb Http Server 1.1.2
Mbedthis Software Mbedthis Appweb Http Server 1.1.1
Mbedthis Software Mbedthis Appweb Http Server 1.0.3
Mbedthis Software Mbedthis Appweb Http Server 1.1
Mbedthis Software Mbedthis Appweb Http Server 1.0
7.5
CVSSv3
CVE-2019-15600
A Path traversal exists in http_server which allows an malicious user to read arbitrary system files.
Http Server Project Http Server 1.0.12
NA
CVE-2010-2435
Weborf HTTP Server 0.12.1 and previous versions allows remote malicious users to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
Salvo Tomaselli Weborf Http Server 0.10
Salvo Tomaselli Weborf Http Server
Salvo Tomaselli Weborf Http Server 0.11
Salvo Tomaselli Weborf Http Server 0.12
1 EDB exploit
NA
CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote malicious users to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large number...
Trustix Secure Linux 2.0
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Gentoo Linux 1.4
Trustix Secure Linux 2.1
Apache Http Server 2.0.47
Ibm Http Server 2.0.42.1
Avaya S8300 R2.0.0
Apache Http Server 2.0.49
Ibm Http Server 2.0.42
Ibm Http Server 2.0.47.1
Apache Http Server 2.0.48
Ibm Http Server 2.0.42.2
Avaya S8700 R2.0.0
Avaya S8500 R2.0.0
Ibm Http Server 2.0.47
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »