Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache apr-util vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) prior to 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote malicious users to cause a d...
Apache Apr-util
Apache Apr-util 0.9.1
Apache Apr-util 0.9.2
Apache Apr-util 0.9.3
Apache Apr-util 0.9.4
Apache Apr-util 0.9.5
Apache Apr-util 0.9.6
Apache Apr-util 0.9.7
Apache Apr-util 0.9.8
Apache Apr-util 0.9.9
Apache Apr-util 0.9.10
Apache Apr-util 0.9.11
4.3
CVSSv2
CVE-2009-0023
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util prior to 1.3.5 allows remote malicious users to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI dire...
Apache Apr-util
Apache Apr-util 0.9.1
Apache Apr-util 0.9.2
Apache Apr-util 0.9.3
Apache Apr-util 0.9.4
Apache Apr-util 0.9.5
Apache Apr-util 1.0
Apache Apr-util 1.0.1
Apache Apr-util 1.0.2
Apache Apr-util 1.1.0
Apache Apr-util 1.1.1
Apache Apr-util 1.1.2
10
CVSSv2
CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger...
Apache Apr-util 0.9.1
Apache Apr-util 0.9.2
Apache Apr-util 0.9.2-dev
Apache Apr-util 0.9.3
Apache Apr-util 0.9.3-dev
Apache Apr-util 0.9.4
Apache Apr-util 0.9.5
Apache Apr-util 0.9.6
Apache Apr-util 0.9.7-dev
Apache Apr-util 0.9.8
Apache Apr-util 0.9.9
Apache Apr-util 0.9.16
4.3
CVSSv2
CVE-2011-1928
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote malicious users to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patt...
Apache Apr-util 1.4.3
Apache Apr-util 1.4.4
Apache Http Server 2.2.18
6.4
CVSSv2
CVE-2009-1956
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util prior to 1.3.5 on big-endian platforms allows remote malicious users to obtain sensitive information or cause a denial of service (application crash) via crafted input.
Apache Apr-util
Apache Http Server
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.04
5
CVSSv2
CVE-2009-1955
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util prior to 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote malicious users to cause a denial of service (memory consumption) via a crafted XML document...
Apache Apr-util
Apple Mac Os X
Suse Linux Enterprise Server 9
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.04
Fedoraproject Fedora 9
Fedoraproject Fedora 10
Fedoraproject Fedora 11
Oracle Http Server -
1 EDB exploit
6.5
CVSSv3
CVE-2022-25147
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
Apache Portable Runtime Utility
1.9
CVSSv2
CVE-2017-12618
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using the...
Apache Portable Runtime Utility 0.9.1
Apache Portable Runtime Utility 0.9.2
Apache Portable Runtime Utility 0.9.3
Apache Portable Runtime Utility 0.9.4
Apache Portable Runtime Utility 0.9.5
Apache Portable Runtime Utility 0.9.6
Apache Portable Runtime Utility 0.9.7
Apache Portable Runtime Utility 0.9.9
Apache Portable Runtime Utility 0.9.10
Apache Portable Runtime Utility 0.9.11
Apache Portable Runtime Utility 0.9.12
Apache Portable Runtime Utility 0.9.13
5
CVSSv2
CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and previous versions allow remote malicious users to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
Apache Http Server
4.9
CVSSv2
CVE-2009-1195
The Apache HTTP Server 2.2.11 and previous versions 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC ...
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.7
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
XML external entity
remote code execution
CVE-2024-44136
CVE-2025-21321
CVE-2024-41454
CVE-2024-55503
insecure direct object reference
CVE-2025-20088
CVE-2024-44243
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »