Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.2.16 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2013-1048
The Debian apache2ctl script in the apache2 package squeeze prior to 2.2.16-6+squeeze11, wheezy prior to 2.2.22-13, and sid prior to 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to...
Debian Apache2
4.3
CVSSv2
CVE-2012-4558
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inje...
Apache Http Server 2.2.23
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.2.15
Apache Http Server 2.2.20
4.3
CVSSv2
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2.23
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.2.15
Apache Http Server 2.2.20
1 Github repository
5
CVSSv2
CVE-2012-4557
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 up to and including 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote malicious users to cause a denial of service (worker consumption) via an expensive r...
Apache Http Server 2.2.13
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.14
Apache Http Server 2.2.19
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.15
Apache Http Server 2.2.20
2.6
CVSSv2
CVE-2012-4929
The TLS protocol 1.2 and previous versions, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaintext HTTP head...
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Google Chrome
Mozilla Firefox
14 Github repositories
2.6
CVSSv2
CVE-2012-2687
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x prior to 2.4.3, when the MultiViews option is enabled, allow remote malicious users to inject arbitrary web scr...
Apache Http Server 2.2.23
Apache Http Server 2.4.1
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.4.0
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.4.2
4.4
CVSSv2
CVE-2012-0216
The default configuration of the apache2 package in Debian GNU/Linux squeeze prior to 2.2.16-6+squeeze7, wheezy prior to 2.2.22-4, and sid prior to 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct c...
Debian Apache2
4.3
CVSSv2
CVE-2011-3639
The mod_proxy module in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x prior to 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse pro...
Apache Http Server 2.0.42
Apache Http Server 2.0.58
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.27
Apache Http Server 2.2.2
Apache Http Server 2.0.12
Apache Http Server 2.0.20
Apache Http Server2.0a9
Apache Http Server 2.2.4
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.2.17
Apache Http Server 2.0.44
Apache Http Server 2.2.16
Apache Http Server 2.0.39
1 EDB exploit
4.3
CVSSv2
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
1.2
CVSSv2
CVE-2011-4415
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a de...
Apache Http Server 2.0.55
Apache Http Server 2.0.54
Apache Http Server 2.0.46
Apache Http Server 2.0.49
Apache Http Server 2.0.63
Apache Http Server 2.0.9
Apache Http Server 2.0.35
Apache Http Server 2.0.34
Apache Http Server 2.0.37
Apache Http Server 2.0.57
Apache Http Server 2.0.56
Apache Http Server 2.0.51
Apache Http Server 2.0.48
Apache Http Server 2.0.43
Apache Http Server 2.0.60
Apache Http Server 2.0
Apache Http Server 2.0.36
Apache Http Server 2.0.39
Apache Http Server 2.0.50
Apache Http Server 2.0.53
Apache Http Server 2.0.42
Apache Http Server 2.0.45
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »