Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
7.5
CVSSv3
CVE-2018-20843
In libexpat in Expat prior to 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
Libexpat Project Libexpat
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Oracle Http Server 12.1.3.0
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Http Server 12.2.1.4.0
Oracle Hospitality Res 3700
Tenable Nessus
7.2
CVSSv3
CVE-2018-11769
CouchDB administrative users prior to 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the...
Apache Couchdb
5.9
CVSSv3
CVE-2018-1302
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurati...
Apache Http Server
Canonical Ubuntu Linux 18.04
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
NA
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2.23
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.2.15
Apache Http Server 2.2.20
1 Github repository
NA
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inje...
Apache Http Server 2.2.23
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.2.15
Apache Http Server 2.2.20
NA
CVE-2012-2687
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x prior to 2.4.3, when the MultiViews option is enabled, allow remote malicious users to inject arbitrary web scr...
Apache Http Server 2.2.23
Apache Http Server 2.4.1
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.4.0
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.4.2
NA
CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote malicious users to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions prior to 2.2.15.
Apache Http Server 1.3.18
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.2
Apache Http Server 1.3.16
Apache Http Server 1.3.15
Apache Http Server 1.0.2
Apache Http Server 1.3.34
Apache Http Server 1.3.36
Apache Http Server 1.3.0
Apache Http Server 1.3.38
Apache Http Server 1.3.42
Apache Http Server 1.3.2
Apache Http Server 1.0
Apache Http Server 1.1
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.30
Apache Http Server 1.3.31
Apache Http Server 1.3.5
Apache Http Server 1.4.0
1 Nmap script
17 Github repositories
NA
CVE-2011-4668
IBM Tivoli Netcool/Reporter 2.2 prior to 2.2.0.8 allows remote malicious users to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
Ibm Tivoli Netcool\\/reporter 2.2.0.3
Ibm Tivoli Netcool\\/reporter 2.2.0.2
Ibm Tivoli Netcool\\/reporter 2.2.0.7
Ibm Tivoli Netcool\\/reporter 2.2.0.6
Ibm Tivoli Netcool\\/reporter 2.2.0
Ibm Tivoli Netcool\\/reporter 2.2.0.1
Ibm Tivoli Netcool\\/reporter 2.2.0.5
Ibm Tivoli Netcool\\/reporter 2.2.0.4
NA
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »