Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache apache http server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2004-0748
mod_ssl in Apache 2.0.50 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
Apache Http Server
445
VMScore
CVE-2003-0460
The rotatelogs program on Apache prior to 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote malicious users to cause a denial of service.
Apache Http Server
NA
CVE-2022-36760
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an malicious user to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server ...
Apache Http Server
NA
CVE-2022-37436
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
Apache Http Server
695
VMScore
CVE-2007-0086
The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this i...
Apache Http Server -
2 Github repositories
1 Article
449
VMScore
CVE-2010-1452
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x prior to 2.2.16 allow remote malicious users to cause a denial of service (process crash) via a request that lacks a path.
Apache Http Server
385
VMScore
CVE-2020-11985
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but...
Apache Http Server
670
VMScore
CVE-2013-2249
mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server prior to 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
Apache Http Server
585
VMScore
CVE-2019-10098
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
Apache Http Server
1 EDB exploit
890
VMScore
CVE-1999-1199
Apache WWW server 1.3.1 and previous versions allows remote malicious users to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
Apache Http Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »