CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5762 matches found

Prion•added 2021/09/16 3:15 p.m.•36 views

Design/Logic Flaw

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

5CVSS8.1AI score0.62887EPSS

Exploits0References24Affected Software8

UbuntuCve•added 2021/09/16 3:15 p.m.•76 views

CVE-2021-36160

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

7.5CVSS7.1AI score0.62887EPSS

Exploits0References6

Prion•added 2021/09/16 3:15 p.m.•41 views

Null pointer dereference

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

5CVSS8.3AI score0.64509EPSS

Exploits0References17Affected Software11

Prion•added 2021/09/16 3:15 p.m.•38 views

Input validation

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS9.4AI score0.36339EPSS

Exploits0References15Affected Software6

OSV•added 2021/09/16 3:15 p.m.•0 views

UBUNTU-CVE-2021-34798

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS7.1AI score0.64509EPSS

Exploits0References6

Vulnrichment•added 2021/09/16 2:40 p.m.•18 views

CVE-2021-40438 mod_proxy SSRF

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.1AI score0.99999EPSS

Exploits5References19

Cvelist•added 2021/09/16 2:40 p.m.•144 views

CVE-2021-40438 mod_proxy SSRF

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.5AI score0.99999EPSS

Exploits5References19

AlpineLinux•added 2021/09/16 2:40 p.m.•59 views

CVE-2021-40438

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9CVSS9.6AI score0.99999EPSS

Exploits5

Debian CVE•added 2021/09/16 2:40 p.m.•121 views

CVE-2021-40438

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9CVSS7.5AI score0.99999EPSS

Exploits5

CVE•added 2021/09/16 2:40 p.m.•4708 views

CVE-2021-40438

CVE-2021-40438 is an SSRF flaw in Apache HTTP Server 2.4.x through older revisions where a crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. The issue affects Apache httpd 2.4.48 and earlier; the CVSSv3.1 base score is 9.0 (CRITICAL...

9CVSS9.5AI score0.99999EPSS

In wildExploits5References20Affected Software1

CVE•added 2021/09/16 2:40 p.m.•6641 views

CVE-2021-39275

CVE-2021-39275 affects Apache HTTP Server (httpd) up to 2.4.48 and earlier. The issue is an out-of-bounds write in ap_escape_quotes() when given malicious input, potentially crashing the server or enabling code execution in some environments. Several connected sources concur this vulnerability ex...

9.8CVSS9.3AI score0.36339EPSS

Exploits0References15Affected Software1

Cvelist•added 2021/09/16 2:40 p.m.•240 views

CVE-2021-39275 ap_escape_quotes buffer overflow

9.9AI score0.36339EPSS

Exploits0References15

AlpineLinux•added 2021/09/16 2:40 p.m.•59 views

CVE-2021-39275

9.8CVSS9.4AI score0.36339EPSS

Exploits0

Debian CVE•added 2021/09/16 2:40 p.m.•63 views

CVE-2021-39275

9.8CVSS7.9AI score0.36339EPSS

Exploits0

Cvelist•added 2021/09/16 2:40 p.m.•65 views

CVE-2021-36160 mod_proxy_uwsgi out of bound read

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

8.7AI score0.62887EPSS

Exploits0References24

CVE•added 2021/09/16 2:40 p.m.•1516 views

CVE-2021-36160

CVE-2021-36160 affects Apache HTTP Server mod_proxy_uwsgi. A crafted request URI-path can cause mod_proxy_uwsgi to read beyond allocated memory, triggering a DoS. The issue is reported for Apache httpd versions 2.4.30–2.4.48. Public sources in connected documents corroborate the impact as an out-...

7.5CVSS8.5AI score0.62887EPSS

In wildExploits0References24Affected Software1

CVE•added 2021/09/16 2:40 p.m.•2017 views

CVE-2021-34798

CVE-2021-34798 is a vulnerability in Apache HTTP Server where malformed requests may cause a NULL pointer dereference in the httpd core. The issue affects Apache HTTP Server 2.4.48 and earlier, and the resulting crash can lead to a Denial of Service. Multiple connected advisories confirm the same...

7.5CVSS8.8AI score0.64509EPSS

Exploits0References17Affected Software1

AlpineLinux•added 2021/09/16 2:40 p.m.•74 views

CVE-2021-34798

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS8.9AI score0.64509EPSS

Exploits0

Cvelist•added 2021/09/16 2:40 p.m.•205 views

CVE-2021-34798 NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

8.8AI score0.64509EPSS

Exploits0References17