Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 1.4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28321
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather t...
Haxx Curl
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
1 Github repository
NA
CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously ...
Haxx Curl
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Apple Macos
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
1 Github repository
NA
CVE-2023-28484
In libxml2 prior to 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
Xmlsoft Libxml2
Debian Debian Linux 10.0
NA
CVE-2023-29469
An issue exists in libxml2 prior to 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an...
Xmlsoft Libxml2
Debian Debian Linux 10.0
1 Github repository
571
VMScore
CVE-2019-20445
HttpObjectDecoder.java in Netty prior to 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Canonical Ubuntu Linux 18.04
Redhat Jboss Amq Clients 2
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Apache Spark 2.4.7
Apache Spark 2.4.8
445
VMScore
CVE-2018-8003
Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the ...
Apache Ambari
445
VMScore
CVE-2017-7686
Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where...
Apache Ignite 1.6.0
Apache Ignite 1.4.0
Apache Ignite 1.3.0
Apache Ignite 1.2.0
Apache Ignite 1.1.0
Apache Ignite 1.9.0
Apache Ignite 1.7.0
Apache Ignite 1.5.0
Apache Ignite 1.0.0
Apache Ignite 2.0.0
Apache Ignite 1.8.0
520
VMScore
CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote malicious users to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions prior to 2.2.15.
Apache Http Server 1.3.18
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.2
Apache Http Server 1.3.16
Apache Http Server 1.3.15
Apache Http Server 1.0.2
Apache Http Server 1.3.34
Apache Http Server 1.3.36
Apache Http Server 1.3.0
Apache Http Server 1.3.38
Apache Http Server 1.3.42
Apache Http Server 1.3.2
Apache Http Server 1.0
Apache Http Server 1.1
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.30
Apache Http Server 1.3.31
Apache Http Server 1.3.5
Apache Http Server 1.4.0
1 Nmap script
17 Github repositories
383
VMScore
CVE-2011-0715
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.16, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
Apache Subversion 1.0.1
Apache Subversion 0.36.0
Apache Subversion 1.0.9
Apache Subversion 1.0.6
Apache Subversion 1.2.1
Apache Subversion 1.2.0
Apache Subversion 1.1.4
Apache Subversion 1.4.0
Apache Subversion 0.18.1
Apache Subversion 0.18.0
Apache Subversion 0.22.2
Apache Subversion 0.28.1
Apache Subversion 0.28.0
Apache Subversion 0.34.0
Apache Subversion 0.33.1
Apache Subversion 1.5.0
Apache Subversion 1.5.3
Apache Subversion 1.6.3
Apache Subversion 1.6.2
Apache Subversion 0.9
Apache Subversion 0.8
Apache Subversion 0.15
605
VMScore
CVE-2010-4539
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking ...
Apache Subversion 1.2.0
Apache Subversion 1.0.4
Apache Subversion 1.6.10
Apache Subversion 0.22.0
Apache Subversion 1.0.8
Apache Subversion 1.4.5
Apache Subversion 1.0.2
Apache Subversion 1.1.2
Apache Subversion 0.26.0
Apache Subversion 0.10.1
Apache Subversion 0.15
Apache Subversion 1.0.9
Apache Subversion 1.4.2
Apache Subversion 0.37.0
Apache Subversion M2
Apache Subversion 1.6.2
Apache Subversion 0.9
Apache Subversion 0.7
Apache Subversion 0.19.0
Apache Subversion 0.22.2
Apache Subversion 0.12.0
Apache Subversion 1.5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started