Filtered by vendor Apache
Subscriptions
Filtered by product Http Server
Subscriptions
Total
307 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | ||||
| CVE-2002-1593 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module. | ||||
| CVE-2002-1658 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. | ||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | ||||
| CVE-1999-0236 | 2 Apache, Illinois | 2 Http Server, Ncsa Httpd | 2025-04-03 | 7.5 High |
| ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | ||||
| CVE-2002-0661 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters. | ||||
| CVE-1999-1237 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods. | ||||
| CVE-1999-0067 | 2 Apache, Ncsa | 2 Http Server, Ncsa Httpd | 2025-04-03 | N/A |
| phf CGI program allows remote command execution through shell metacharacters. | ||||
| CVE-1999-0678 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | N/A |
| A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. | ||||
| CVE-2000-0868 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2025-04-03 | N/A |
| The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | ||||
| CVE-2000-0913 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. | ||||
| CVE-1999-0926 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. | ||||
| CVE-2001-0042 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. | ||||
| CVE-1999-1199 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. | ||||
| CVE-2001-0729 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. | ||||
| CVE-2001-0766 | 2 Apache, Apple | 2 Http Server, Mac Os X | 2025-04-03 | 9.8 Critical |
| Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. | ||||
| CVE-1999-1293 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | ||||
| CVE-1999-0289 | 2 Apache, Microsoft | 2 Http Server, Windows | 2025-04-03 | N/A |
| The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. | ||||
| CVE-2002-0392 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2025-04-03 | N/A |
| Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | ||||
| CVE-2003-0016 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. | ||||