Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-1999-1125
Oracle Webserver 2.1 and previous versions runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration f...
Oracle Http Server
Oracle Http Server 1.0
356
VMScore
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
505
VMScore
CVE-2008-0338
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote malicious users to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.
Miniweb Http Server Miniweb Http Server 0.8.19
1 EDB exploit
650
VMScore
CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote malicious users to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large number...
Trustix Secure Linux 2.0
Avaya Converged Communications Server 2.0
Trustix Secure Linux 1.5
Gentoo Linux 1.4
Trustix Secure Linux 2.1
Apache Http Server 2.0.47
Ibm Http Server 2.0.42.1
Avaya S8300 R2.0.0
Apache Http Server 2.0.49
Ibm Http Server 2.0.42
Ibm Http Server 2.0.47.1
Apache Http Server 2.0.48
Ibm Http Server 2.0.42.2
Avaya S8700 R2.0.0
Avaya S8500 R2.0.0
Ibm Http Server 2.0.47
2 EDB exploits
505
VMScore
CVE-2002-1850
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote malicious users to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI...
Apache Http Server 2.0.39
Apache Http Server 2.0.40
1 EDB exploit
NA
CVE-2022-21593
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
445
VMScore
CVE-2000-1206
Vulnerability in Apache httpd prior to 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote malicious users to retrieve arbitrary files.
Apache Http Server 1.3.10
Apache Http Server 1.3.9
755
VMScore
CVE-2013-4743
Static HTTP Server 1.0 has a Local Overflow
Static Http Server Project Static Http Server 1.0
1 EDB exploit
436
VMScore
CVE-2007-3303
Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang...
Apache Http Server 2.2.4
Apache Http Server 2.0.59
445
VMScore
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote malicious users to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Miniweb Http Server Project Miniweb Http Server 0.8.19
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »