Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
NA
CVE-2003-0789
mod_cgid in Apache prior to 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
Apache Http Server
NA
CVE-2003-0987
mod_digest for Apache prior to 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
Apache Http Server
NA
CVE-2010-1452
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x prior to 2.2.16 allow remote malicious users to cause a denial of service (process crash) via a request that lacks a path.
Apache Http Server
NA
CVE-2007-0086
The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this i...
Apache Http Server -
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-43622
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack patte...
Apache Http Server
4 Github repositories
NA
CVE-1999-1293
mod_proxy in Apache 1.2.5 and previous versions allows remote malicious users to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
Apache Http Server
7.5
CVSSv3
CVE-2004-0174
Apache 1.4.x prior to 1.3.30, and 2.0.x prior to 2.0.49, when using multiple listening sockets on certain platforms, allows remote malicious users to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."...
Apache Http Server
9.8
CVSSv3
CVE-2023-25690
Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 up to and including 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches...
Apache Http Server
8 Github repositories
NA
CVE-2003-0132
A memory leak in Apache 2.0 up to and including 2.0.44 allows remote malicious users to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
Apache Http Server
2 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »