Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheHttp Server*

161 matches found

CVE
CVEadded 2005/10/25 5:6 p.m.78 views

CVE-2005-2970

Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.

5CVSS6.2AI score0.06935EPSS
CVE
CVEadded 2004/09/17 4:0 a.m.76 views

CVE-2004-0809

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

5CVSS7.2AI score0.1074EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.76 views

CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.

5CVSS9AI score0.6741EPSS
CVE
CVEadded 2005/07/14 4:0 a.m.74 views

CVE-2001-1534

mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.

2.1CVSS6.4AI score0.00122EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.71 views

CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.

5CVSS7.3AI score0.52177EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.65 views

CVE-1999-1199

Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.

10CVSS6.9AI score0.05541EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.64 views

CVE-2004-0751

The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).

5CVSS7.4AI score0.59522EPSS
CVE
CVEadded 2005/08/16 4:0 a.m.63 views

CVE-2004-2343

Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism is only intended to restrict...

7.2CVSS6.3AI score0.00076EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.62 views

CVE-2004-0748

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.

5CVSS7.3AI score0.19646EPSS
CVE
CVEadded 2003/08/27 4:0 a.m.59 views

CVE-2003-0460

The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.

5CVSS6.7AI score0.11827EPSS
CVE
CVEadded 2001/09/12 4:0 a.m.56 views

CVE-1999-1293

mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.

10CVSS7AI score0.01233EPSS
Total number of security vulnerabilities161