Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.4.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-3502
The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x prior to 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remo...
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
6.9
CVSSv2
CVE-2012-0883
envvars (aka envvars-std) in the Apache HTTP Server prior to 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
Apache Http Server
Apache Http Server 2.4.1
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
5
CVSSv2
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.14
Apache Http Server 2.4.16
5
CVSSv2
CVE-2016-0736
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnera...
Apache Http Server 2.4.0
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.8
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Apache Http Server 2.4.12
Apache Http Server 2.4.14
Apache Http Server 2.4.16
1 EDB exploit
2.6
CVSSv2
CVE-2012-2687
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x prior to 2.4.3, when the MultiViews option is enabled, allow remote malicious users to inject arbitrary web scr...
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
Apache Http Server 2.2.13
4.3
CVSSv2
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
1 Github repository
4.3
CVSSv2
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inje...
Apache Http Server 2.2
Apache Http Server 2.2.0
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.2.4
Apache Http Server 2.2.6
Apache Http Server 2.2.8
Apache Http Server 2.2.9
Apache Http Server 2.2.10
Apache Http Server 2.2.11
Apache Http Server 2.2.12
4.3
CVSSv2
CVE-2014-8109
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x up to and including 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote malicious user...
Apache Http Server 2.4.1
Apache Http Server 2.4.2
Apache Http Server 2.4.3
Apache Http Server 2.4.4
Apache Http Server 2.4.6
Apache Http Server 2.4.7
Apache Http Server 2.4.9
Apache Http Server 2.4.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j
Apache Log4j 2.0
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Captial
Siemens Captial 2019.1
Siemens Comos
Siemens Desigo Cc Advanced Reports 4.0
Siemens Desigo Cc Advanced Reports 4.1
Siemens Desigo Cc Advanced Reports 4.2
Siemens Desigo Cc Advanced Reports 5.0
Siemens Desigo Cc Advanced Reports 5.1
Siemens Desigo Cc Info Center 5.0
2 Metasploit modules
793 Github repositories
29 Articles
7.5
CVSSv3
CVE-2022-4450
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments a...
Openssl Openssl
Stormshield Stormshield Network Security
1 Github repository
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21317
CVE-2025-23940
buffer overflow
CVE-2025-21335
CVE-2025-23860
CVE-2024-57704
SSTI
wireless
CVE-2019-3309
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »