Lucene search
K

11 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.670 views

CVE-1999-1412

CVE-1999-1412 describes a DoS risk from an interaction between MacOS X 1.0 and Apache HTTP server, where a flood of HTTP GET requests to CGI programs can spawn many processes on affected systems. Connected sources provide concrete details indicating the issue relates to the Apache httpd component...

5CVSS6.2AI score0.35342EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.502 views

CVE-1999-1237

CVE-1999-1237 describes multiple buffer overflows in the smbvalid/smbval SMB authentication library, as used by Apache::AuthenSmb and potentially other modules. The vulnerability allows remote attackers to execute arbitrary commands by sending excessively long usernames, passwords, or via other u...

10CVSS8.5AI score0.08154EPSS
CVE
CVE
added 2007/01/05 6:0 p.m.383 views

CVE-2007-0086

CVE-2007-0086 targets the Apache HTTP Server. The documented effect is a denial of service caused by a Range header that can cause network bandwidth consumption when a TCP connection is opened with a large window size, via multiple copies of the same fragment. The connected documents provide conc...

7.8CVSS7.3AI score0.09619EPSS
In wild
CVE
CVE
added 2007/03/16 10:0 p.m.365 views

CVE-2007-0450

CVE-2007-0450 is a directory traversal vulnerability affecting Apache Tomcat (and Tomcat behind certain Apache proxies) where a crafted URI containing a dot-dot sequence and mixed separators (/, , and %5C) can cause unauthorized disclosure of arbitrary files. Affected products/versions include To...

5CVSS6.2AI score0.90768EPSS
CVE
CVE
added 2008/01/12 12:0 a.m.312 views

CVE-2007-6423

The CVE-2007-6423 issue concerns Apache HTTP Server 2.2.x on Windows, where mod_proxy_balancer could trigger memory corruption through a long URL. The Red Hat advisory notes the vulnerability as unspecified and unreproducible by the vendor, while Red Hat indicates that Apache 2.2.7-dev contains a...

7.8CVSS6.5AI score0.03901EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.287 views

CVE-1999-0678

CVE-1999-0678 affects the Apache server configured on Debian GNU/Linux where the default ServerRoot is /usr/doc. This misconfiguration allows remote users to read documentation files for the entire server via the web interface. The issue is caused by serving the /usr/doc directory as part of the ...

5CVSS6.6AI score0.31408EPSS
CVE
CVE
added 2008/01/08 6:0 p.m.215 views

CVE-2007-6422

CVE-2007-6422 affects Apache HTTP Server 2.2.0–2.2.6 when using a threaded MPM. The vulnerability in the mod_proxy_balancer module allows remote authenticated users to cause a denial of service by triggering a crash of the Apache child process via an invalid bb variable. This is documented in mul...

4CVSS5.8AI score0.09951EPSS
CVE
CVE
added 2008/01/08 7:0 p.m.196 views

CVE-2007-6421

CVE-2007-6421 is an XSS vulnerability in Apache HTTP Server 2.2.0–2.2.6 within the balancer-manager component of mod_proxy_balancer. An attacker could inject arbitrary script/HTML via the (1) ss, (2) wr, or (3) rr parameters, or via the URL. Affected product: Apache httpd 2.2.x (balancer-manager)...

3.5CVSS7.8AI score0.08324EPSS
CVE
CVE
added 2008/05/13 9:0 p.m.172 views

CVE-2008-2168

CVE-2008-2168 : The linked SUSE/NVD entries describe a cross-site scripting (XSS) vulnerability in Apache HTTP Server up to version 2.2.6 and earlier, exploitable via UTF-7 encoded URLs that are mishandled when rendering the 403 Forbidden error page. Attacker-provided URL input can inject arbitra...

4.3CVSS5.4AI score0.54851EPSS
CVE
CVE
added 2025/04/29 11:56 a.m.108 views

CVE-2025-3891

CVE-2025-3891 affects the Apache httpd mod_auth_openidc module. A remote, unauthenticated attacker can cause a DoS by sending an empty POST when the OIDCPreservePost directive is enabled, crashing the server and impacting availability. Evidence from multiple advisories confirms the issue and ment...

7.5CVSS5.2AI score0.01214EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.99 views

CVE-1999-0289

The CVE-1999-0289 entry concerns the Apache HTTP Server for Win32. Affected component: the Web server handling URLs; issue described as: the server may provide access to restricted files when a "." is appended to a requested URL. The core impact is restricted-file disclosure. Public details acros...

5CVSS7AI score0.03612EPSS