Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.1.1 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
9
CVSSv2
CVE-2017-12636
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB prior to 1.7.0 and 2.x prior to 2...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
5 Github repositories
5
CVSSv2
CVE-2012-0256
Apache Traffic Server 2.0.x and 3.0.x prior to 3.0.4 and 3.1.x prior to 3.1.3 does not properly allocate heap memory, which allows remote malicious users to cause a denial of service (daemon crash) via a long HTTP Host header.
Apache Traffic Server 3.1.1
Apache Traffic Server 3.1.0
Apache Traffic Server 2.1.7
Apache Traffic Server 2.1.6
Apache Traffic Server 2.0.1
Apache Traffic Server 2.0.0
Apache Traffic Server 3.0.3
Apache Traffic Server 3.0.2
Apache Traffic Server 2.1.5
Apache Traffic Server 2.1.4
Apache Traffic Server 3.0.1
Apache Traffic Server 3.0.0
Apache Traffic Server 2.1.3
Apache Traffic Server 2.1.2
Apache Traffic Server 3.1.2
Apache Traffic Server 2.1.9
Apache Traffic Server 2.1.8
Apache Traffic Server 2.1.1
Apache Traffic Server 2.1.0
5
CVSSv2
CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote malicious users to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions prior to 2.2.15.
Apache Http Server 1.3.18
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.2
Apache Http Server 1.3.16
Apache Http Server 1.3.15
Apache Http Server 1.0.2
Apache Http Server 1.3.34
Apache Http Server 1.3.36
Apache Http Server 1.3.0
Apache Http Server 1.3.38
Apache Http Server 1.3.42
Apache Http Server 1.3.2
Apache Http Server 1.0
Apache Http Server 1.1
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.30
Apache Http Server 1.3.31
Apache Http Server 1.3.5
Apache Http Server 1.4.0
1 Nmap script
17 Github repositories
5
CVSSv2
CVE-2010-1870
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 up to and including 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote malicious users to modify server-side context objects an...
Apache Struts 2.0.8
Apache Struts 2.0.9
Apache Struts 2.0.3
Apache Struts 2.0.11.2
Apache Struts 2.0.11.1
Apache Struts 2.0.10
Apache Struts 2.0.5
Apache Struts 2.0.2
Apache Struts 2.1.5
Apache Struts 2.1.4
Apache Struts 2.0.1
Apache Struts 2.1.3
Apache Struts 2.1.2
Apache Struts 2.0.7
Apache Struts 2.0.11
Apache Struts 2.0.14
Apache Struts 2.0.13
Apache Struts 2.1.1
Apache Struts 2.1.0
Apache Struts 2.0.0
Apache Struts 2.0.6
Apache Struts 2.0.4
2 EDB exploits
1 Article
4.3
CVSSv2
CVE-2008-2168
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Apache Http Server 2.0.28
Apache Http Server 2.0
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.48
Apache Http Server 2.0.49
Apache Http Server 2.0.56
Apache Http Server 2.0.57
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.0.34
Apache Http Server 2.0.42
Apache Http Server 2.0.43
Apache Http Server 2.0.50
Apache Http Server 2.0.51
Apache Http Server 2.0.58
Apache Http Server 2.0.59
1 EDB exploit
4.3
CVSSv2
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components...
Apache Http Server 2.0.51
Apache Http Server 2.0.52
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.0.46
Apache Http Server 2.0.53
Apache Http Server 2.0.54
Apache Http Server 2.0.55
Apache Http Server 2.1.4
Apache Http Server 2.1.5
Apache Http Server 2.2.4
Apache Http Server 2.0.47
Apache Http Server 2.0.48
Apache Http Server 2.0.57
Apache Http Server 2.0.58
Apache Http Server 2.1.6
Apache Http Server 2.1.7
Apache Http Server 2.0.49
Apache Http Server 2.0.50
Apache Http Server 2.0.59
1 EDB exploit
6.8
CVSSv2
CVE-2006-4154
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent malicious users to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.48
Apache Http Server 2.0.49
Apache Http Server 2.0.56
Apache Http Server 2.0.57
Apache Http Server 2.1.3
Apache Http Server 2.1.4
Apache Http Server 2.1.5
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.46
Apache Http Server 2.0.47
Apache Http Server 2.0.54
Apache Http Server 2.0.55
Apache Http Server 2.1.1
Apache Http Server 2.1.2
Apache Http Server 2.2.3
Apache Http Server 2.0
Apache Http Server 2.0.35
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started