CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5836 matches found

CVE•added 2010/03/05 7:0 p.m.•447 views

CVE-2010-0434

CVE-2010-0434 affects the Apache HTTP Server 2.2.x series (pre-2.2.15) where the ap_read_request handling in server/protocol.c for multithreaded MPMs could disclose memory contents by accessing headers of subrequests tied to an earlier request. Public sources in connected docs (e.g., Debian secur...

4.3CVSS8.8AI score0.0539EPSS

Exploits2References59Affected Software1

Debian CVE•added 2010/03/05 7:0 p.m.•31 views

CVE-2010-0434

The apreadrequest function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain...

4.3CVSS7.4AI score0.0539EPSS

Exploits2

OSV•added 2010/03/05 4:30 p.m.•8 views

CVE-2010-0408

The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server outage via a crafted request,...

6.5AI score

Exploits0References62

Prion•added 2010/03/05 4:30 p.m.•27 views

Design/Logic Flaw

5CVSS6.9AI score0.32487EPSS

Exploits1References44Affected Software1

Debian CVE•added 2010/03/05 4:0 p.m.•35 views

CVE-2010-0408

5CVSS7.4AI score0.32487EPSS

Exploits1

UbuntuCve•added 2010/03/05 12:0 a.m.•42 views

CVE-2010-0434

4.3CVSS7.2AI score0.0539EPSS

Exploits2References3

OpenVAS•added 2010/03/04 12:0 a.m.•56 views

Apache HTTP Server Multiple Security Vulnerabilities

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

9AI score

Exploits0References5

OpenVAS•added 2010/03/02 12:0 a.m.•46 views

Fedora Update for httpd FEDORA-2009-12747

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2009-12747 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

7.5CVSS0.2AI score0.03845EPSS

Exploits16References2

Fedora•added 2010/02/27 3:41 a.m.•50 views

[SECURITY] Fedora 11 Update: httpd-2.2.14-1.fc11

The Apache HTTP Server is a powerful, efficient, and extensible web server...

5.8CVSS1.1AI score0.03845EPSS

Exploits16

RedHat Linux•added 2010/02/23 8:20 p.m.•65 views

Low: Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update

JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Web Server is a fully integrated and certified set of components for hosting Java web...

9.8CVSS6.2AI score0.15322EPSS

Exploits15References8

OSV•added 2010/02/05 10:30 p.m.•5 views

CVE-2003-1581

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log...

6.2AI score

Exploits0References1

NVD•added 2010/02/05 10:30 p.m.•13 views

CVE-2003-1581

2.6CVSS6.1AI score0.01975EPSS

Exploits1References1

NVD•added 2010/02/05 10:30 p.m.•23 views

CVE-2003-1580

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-lev...

4.3CVSS6.6AI score0.01178EPSS

Exploits1References1

OSV•added 2010/02/05 10:30 p.m.•4 views

CVE-2003-1580

6.9AI score

Exploits0References1

Cvelist•added 2010/02/05 10:13 p.m.•19 views

CVE-2003-1580

6.6AI score0.01178EPSS

Exploits1References1

CVE•added 2010/02/05 10:13 p.m.•66 views

CVE-2003-1580

The CVE-2003-1580 issue affects Apache HTTP Server 2.0.44 when DNS resolution is enabled for client IPs. The vulnerability arises from a logging format that does not indicate whether a dotted-quad IP address is unresolved, which can allow remote attackers to spoof IP addresses by sending crafted ...

4.3CVSS6.8AI score0.01178EPSS

Exploits1References1Affected Software1

Debian CVE•added 2010/02/05 10:13 p.m.•25 views

CVE-2003-1580

4.3CVSS6.6AI score0.01178EPSS

Exploits1

NVD•added 2010/02/02 4:30 p.m.•22 views

CVE-2010-0010

Integer overflow in the approxysendfb function in proxy/proxyutil.c in modproxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service daemon crash or possibly execute arbitrary code via a large chunk size that triggers a heap-based...

6.8CVSS8.1AI score0.47445EPSS

Exploits2References23

Prion•added 2010/02/02 4:30 p.m.•14 views

Integer overflow

6.8CVSS8.8AI score0.47445EPSS

Exploits2References23Affected Software1

Cvelist•added 2010/02/02 4:25 p.m.•23 views

CVE-2010-0010

7.9AI score0.47445EPSS

Exploits2References23

Rows per page