CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11577 matches found

GithubExploit•added 2026/05/08 6:28 p.m.•140 views

Exploit for Observable Timing Discrepancy in Apache Http_Server

CTT-enhanced-Apache-modauthdigest-timing-attack-exploit CTT-...

4.8CVSS5.8AI score0.00246EPSS

Exploits1

OSV•added 2026/05/08 5:43 a.m.•3 views

BIT-JRE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.00535EPSS

Exploits0References15

Positive Technologies•added 2026/05/08 12:0 a.m.•6 views

PT-2026-38772

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

5.3CVSS5.9AI score0.00203EPSS

Exploits0References11

Positive Technologies•added 2026/05/08 12:0 a.m.•6 views

PT-2026-38721

5.8CVSS5.8AI score0.00535EPSS

Exploits0References16

OSV•added 2026/05/07 5:25 p.m.•3 views

CLSA-2026-1778174697 httpd: Fix of 9 CVEs

CVE-2026-24072: fix modrewrite apexpr privilege escalation in htaccess - CVE-2026-28780: fix modproxyajp ajpmsgcheckheader buffer over-read - CVE-2026-29169: fix moddavlock NULL pointer dereference - CVE-2026-33006: fix modauthdigest timing attack - CVE-2026-33007: fix modauthnsocache NULL...

9.8CVSS5.9AI score0.00648EPSS

Exploits2References1

OSV•added 2026/05/07 8:38 a.m.•4 views

BIT-APACHE-2026-28780 Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

9.8CVSS5.8AI score0.00026EPSS

Exploits0References3

Microsoft CVE•added 2026/05/07 8:12 a.m.•4 views

Apache HTTP Server: Off-by-one OOB reads in AJP getter functions

...

5.3CVSS5.8AI score0.00247EPSS

Exploits0

Microsoft CVE•added 2026/05/07 8:12 a.m.•10 views

Apache HTTP Server: mod_md unrestricted OCSP response

...

7.3CVSS5.8AI score0.00049EPSS

Exploits0

Microsoft CVE•added 2026/05/07 8:12 a.m.•7 views

Apache HTTP Server: mod_dav_lock indirect lock crash

...

7.5CVSS5.8AI score0.00644EPSS

Exploits0

Microsoft CVE•added 2026/05/07 8:11 a.m.•8 views

Apache HTTP Server: mod_authn_socache crash

...

5.3CVSS5.8AI score0.00648EPSS

Exploits0

Microsoft CVE•added 2026/05/07 8:11 a.m.•5 views

Apache HTTP Server: mod_auth_digest timing attack

...

4.8CVSS5.8AI score0.00246EPSS

Exploits1

Microsoft CVE•added 2026/05/07 8:11 a.m.•14 views

Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)

...

5.3CVSS5.8AI score0.00247EPSS

Exploits0

Positive Technologies•added 2026/05/07 12:0 a.m.•13 views

PT-2026-38461

Heap-based Buffer Overflow vulnerability in mod proxy ajp of Apache HTTP Server. If mod proxy ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod proxy ajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This...

9.8CVSS5.8AI score0.00026EPSS

Exploits0References4

OSV•added 2026/05/06 2:43 p.m.•2 views

BIT-JAVA-MIN-2022-21628

5.3CVSS6.7AI score0.00203EPSS

Exploits0References10

OSV•added 2026/05/06 2:43 p.m.•3 views

BIT-JAVA-2022-21628

5.3CVSS6.7AI score0.00203EPSS

Exploits0References10

OSV•added 2026/05/06 2:42 p.m.•5 views

BIT-JAVA-2020-2800