Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: http-server Clear
ID Title
CVE-2026-49975 Vulnerability in apache (CVE-2026-49975)
vulnerability in apache (CVE-2026-49975). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-48913 Use-After-Free in apache (CVE-2026-48913)
vulnerability in apache (CVE-2026-48913). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44631 Vulnerability in apache (CVE-2026-44631)
vulnerability in apache (CVE-2026-44631). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44186 Vulnerability in apache (CVE-2026-44186)
vulnerability in apache (CVE-2026-44186). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44185 Vulnerability in apache (CVE-2026-44185)
vulnerability in apache (CVE-2026-44185). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-44119 Privilege Escalation in apache (CVE-2026-44119)
vulnerability in apache (CVE-2026-44119). Confidential information can be exposed externally. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-43951 Out-of-Bounds Read in apache (CVE-2026-43951)
vulnerability in apache (CVE-2026-43951). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-42536 Vulnerability in apache (CVE-2026-42536)
vulnerability in apache (CVE-2026-42536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-42535 Vulnerability in apache (CVE-2026-42535)
vulnerability in apache (CVE-2026-42535). Data can be tampered with by attackers. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-34356 Vulnerability in apache (CVE-2026-34356)
vulnerability in apache (CVE-2026-34356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-29170 Cross-Site Scripting (XSS) in apache (CVE-2026-29170)
cross-site scripting in apache (CVE-2026-29170). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-34355 Vulnerability in apache (CVE-2026-34355)
vulnerability in apache (CVE-2026-34355). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-29167 Use-After-Free in apache (CVE-2026-29167)
vulnerability in apache (CVE-2026-29167). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-8855 Code Injection in dos (CVE-2026-8855)
code injection in dos (CVE-2026-8855). Successful exploitation can lead to full system takeover.
CVE-2026-8854 Vulnerability in dos (CVE-2026-8854)
vulnerability in dos (CVE-2026-8854). Risk of unauthorized operations or information disclosure.
CVE-2026-9170 Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
CVE-2026-8834 Vulnerability in dos (CVE-2026-8834)
vulnerability in dos (CVE-2026-8834). Successful exploitation can lead to full system takeover.
CVE-2026-8856 Vulnerability in dos (CVE-2026-8856)
vulnerability in dos (CVE-2026-8856). Data can be tampered with by attackers.
CVE-2026-8835 Vulnerability in dos (CVE-2026-8835)
vulnerability in dos (CVE-2026-8835). Confidential information can be exposed externally.
CVE-2026-8850 Vulnerability in dos (CVE-2026-8850)
vulnerability in dos (CVE-2026-8850). Risk of unauthorized operations or information disclosure.
CVE-2026-8852 Vulnerability in dos (CVE-2026-8852)
vulnerability in dos (CVE-2026-8852). Risk of unauthorized operations or information disclosure.
CVE-2026-23918 Vulnerability in jvn (CVE-2026-23918)
vulnerability in jvn (CVE-2026-23918). Successful exploitation can lead to full system takeover.
CVE-2026-28780 Vulnerability in apache (CVE-2026-28780)
vulnerability in apache (CVE-2026-28780). Successful exploitation can lead to full system takeover.
CVE-2024-38475 KEV [KEV] Vulnerability in Apache http-server (CVE-2024-38475)
vulnerability in Apache http-server (CVE-2024-38475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-3891 Vulnerability in apache (CVE-2025-3891)
vulnerability in apache (CVE-2025-3891). Risk of unauthorized operations or information disclosure.
CVE-2023-44487 KEV [KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
CVE-2015-2808 Vulnerability in oracle (CVE-2015-2808)
vulnerability in oracle (CVE-2015-2808). Risk of unauthorized operations or information disclosure.
CVE-2021-42013 KEV [KEV] Path Traversal in Apache http-server (CVE-2021-42013)
path traversal in Apache http-server (CVE-2021-42013). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41773 KEV [KEV] Path Traversal in Apache http-server (CVE-2021-41773)
path traversal in Apache http-server (CVE-2021-41773). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-0211 KEV [KEV] Use-After-Free in Apache http-server (CVE-2019-0211)
vulnerability in Apache http-server (CVE-2019-0211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41617 Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
CVE-2020-1971 Vulnerability in dos (CVE-2020-1971)
vulnerability in dos (CVE-2020-1971). Risk of unauthorized operations or information disclosure.
CVE-2014-3250 Vulnerability in apache (CVE-2014-3250)
vulnerability in apache (CVE-2014-3250). Confidential information can be exposed externally.
CVE-2017-1000118 Buffer Overflow in dos (CVE-2017-1000118)
vulnerability in dos (CVE-2017-1000118). Risk of unauthorized operations or information disclosure.
CVE-2017-9798 Use-After-Free in c (CVE-2017-9798)
vulnerability in c (CVE-2017-9798). Confidential information can be exposed externally.
CVE-2016-0736 Vulnerability in apache (CVE-2016-0736)
vulnerability in apache (CVE-2016-0736). Confidential information can be exposed externally.
CVE-2016-2161 Vulnerability in apache (CVE-2016-2161)
vulnerability in apache (CVE-2016-2161). Risk of unauthorized operations or information disclosure.
CVE-2016-8743 Vulnerability in apache (CVE-2016-8743)
vulnerability in apache (CVE-2016-8743). Data can be tampered with by attackers.
CVE-2017-7659 Vulnerability in apache (CVE-2017-7659)
vulnerability in apache (CVE-2017-7659). Risk of unauthorized operations or information disclosure.
CVE-2017-9789 Use-After-Free in apache (CVE-2017-9789)
vulnerability in apache (CVE-2017-9789). Risk of unauthorized operations or information disclosure.
CVE-2017-9788 Vulnerability in apache (CVE-2017-9788)
vulnerability in apache (CVE-2017-9788). Confidential information can be exposed externally. Exploitable via `Authorization header`.
CVE-2017-7679 Vulnerability in apache (CVE-2017-7679)
vulnerability in apache (CVE-2017-7679). Successful exploitation can lead to full system takeover.
CVE-2017-7668 Vulnerability in apache (CVE-2017-7668)
vulnerability in apache (CVE-2017-7668). Risk of unauthorized operations or information disclosure.
CVE-2017-3169 Vulnerability in apache (CVE-2017-3169)
vulnerability in apache (CVE-2017-3169). Successful exploitation can lead to full system takeover.
CVE-2017-3167 Authentication Bypass in apache (CVE-2017-3167)
authentication bypass in apache (CVE-2017-3167). Successful exploitation can lead to full system takeover.
CVE-2013-2566 Vulnerability in oracle (CVE-2013-2566)
vulnerability in oracle (CVE-2013-2566). Confidential information can be exposed externally.
CVE-2009-3555 Vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555)
vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.5.33` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →