Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-5168
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x prior to 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.
Apache Traffic Server 5.3.1
Apache Traffic Server 5.3.0
9.8
CVSSv3
CVE-2015-5206
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server prior to 5.3.x prior to 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.
Apache Traffic Server 5.3.1
Apache Traffic Server 5.3.0
9.1
CVSSv3
CVE-2017-9788
In Apache httpd prior to 2.2.34 and 2.4.x prior to 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '...
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Apple Mac Os X
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
1 Github repository
7.5
CVSSv3
CVE-2016-5396
Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.
Apache Traffic Server 6.1.0
Apache Traffic Server 6.0.0
Apache Traffic Server 6.1.1
Apache Traffic Server 6.2.0
7.5
CVSSv3
CVE-2017-5659
Apache Traffic Server prior to 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.
Apache Traffic Server
8.6
CVSSv3
CVE-2017-6062
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module prior to 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote mali...
Openidc Mod Auth Openidc
8.6
CVSSv3
CVE-2017-6413
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module prior to 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote malicious...
Openidc Mod Auth Openidc
9.1
CVSSv3
CVE-2016-4694
The Apache HTTP Server in Apple OS X prior to 10.12 and OS X Server prior to 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote malicious u...
Apple Os X Server
Apple Mac Os X
8.1
CVSSv3
CVE-2016-5388
Apache Tomcat 7.x up to and including 7.0.70 and 8.x up to and including 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Hpc Node Eus 7.2
Hp System Management Homepage
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Oracle Linux 6
Oracle Linux 7
Apache Tomcat
1 Article
NA
CVE-2015-5255
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x prior to 3.0.0.354175, 3.1.x prior to 3.1.0.354180, 4.5.x prior to 4.5.1.354177, 4.6.2.x prior to 4.6.2.354178, and 4.7.x prior to 4.7.0.354178, allows remote malicio...
Hp Xp7 Command View Advanced Edition -
Hp Xp P9000 Command View Advanced Edition -
Adobe Coldfusion
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »