Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-5447
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows malicious users to list files in arbitrary folders.
Http-file-server Project Http-file-server
NA
CVE-2007-2367
Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote malicious users to cause a denial of service (forced application exit) via a long directory name in the URI.
Wserve Http Server Wserve Http Server 4.6
1 EDB exploit
6.5
CVSSv3
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
NA
CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote malicious users to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large number...
Trustix Secure Linux 2.0
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Gentoo Linux 1.4
Trustix Secure Linux 2.1
Apache Http Server 2.0.47
Ibm Http Server 2.0.42.1
Avaya S8300 R2.0.0
Apache Http Server 2.0.49
Ibm Http Server 2.0.42
Ibm Http Server 2.0.47.1
Apache Http Server 2.0.48
Ibm Http Server 2.0.42.2
Avaya S8700 R2.0.0
Avaya S8500 R2.0.0
Ibm Http Server 2.0.47
2 EDB exploits
5.9
CVSSv3
CVE-2019-2751
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OHS Config MBeans). Supported versions that are affected are 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to...
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.1.3.0.0
7.1
CVSSv3
CVE-2022-21593
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
3.7
CVSSv3
CVE-2016-3482
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 and 12.1.3.0 allows remote malicious users to affect confidentiality via vectors related to SSL/TLS Module.
Oracle Http Server 12.1.3.0
Oracle Http Server 11.1.1.9
7.5
CVSSv3
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote malicious users to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Miniweb Http Server Project Miniweb Http Server 0.8.19
1 Github repository
NA
CVE-2000-1206
Vulnerability in Apache httpd prior to 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote malicious users to retrieve arbitrary files.
Apache Http Server 1.3.10
Apache Http Server 1.3.9
5.9
CVSSv3
CVE-2018-2760
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). Supported versions that are affected are 12.1.3 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise ...
Oracle Http Server 12.1.3
Oracle Http Server 12.2.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »