Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-49975 |
|
Vulnerability in apache (CVE-2026-49975)
vulnerability in apache (CVE-2026-49975). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-48913 |
|
Use-After-Free in apache (CVE-2026-48913)
vulnerability in apache (CVE-2026-48913). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-44631 |
|
Vulnerability in apache (CVE-2026-44631)
vulnerability in apache (CVE-2026-44631). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-44186 |
|
Vulnerability in apache (CVE-2026-44186)
vulnerability in apache (CVE-2026-44186). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-44185 |
|
Vulnerability in apache (CVE-2026-44185)
vulnerability in apache (CVE-2026-44185). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-44119 |
|
Privilege Escalation in apache (CVE-2026-44119)
vulnerability in apache (CVE-2026-44119). Confidential information can be exposed externally. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-43951 |
|
Out-of-Bounds Read in apache (CVE-2026-43951)
vulnerability in apache (CVE-2026-43951). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-42536 |
|
Vulnerability in apache (CVE-2026-42536)
vulnerability in apache (CVE-2026-42536). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-42535 |
|
Vulnerability in apache (CVE-2026-42535)
vulnerability in apache (CVE-2026-42535). Data can be tampered with by attackers. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-34356 |
|
Vulnerability in apache (CVE-2026-34356)
vulnerability in apache (CVE-2026-34356). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-29170 |
|
Cross-Site Scripting (XSS) in apache (CVE-2026-29170)
cross-site scripting in apache (CVE-2026-29170). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-34355 |
|
Vulnerability in apache (CVE-2026-34355)
vulnerability in apache (CVE-2026-34355). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-29167 |
|
Use-After-Free in apache (CVE-2026-29167)
vulnerability in apache (CVE-2026-29167). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2026-8855 |
|
Code Injection in dos (CVE-2026-8855)
code injection in dos (CVE-2026-8855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8854 |
|
Vulnerability in dos (CVE-2026-8854)
vulnerability in dos (CVE-2026-8854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9170 |
|
Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8834 |
|
Vulnerability in dos (CVE-2026-8834)
vulnerability in dos (CVE-2026-8834). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8856 |
|
Vulnerability in dos (CVE-2026-8856)
vulnerability in dos (CVE-2026-8856). Data can be tampered with by attackers.
|
| CVE-2026-8835 |
|
Vulnerability in dos (CVE-2026-8835)
vulnerability in dos (CVE-2026-8835). Confidential information can be exposed externally.
|
| CVE-2026-8850 |
|
Vulnerability in dos (CVE-2026-8850)
vulnerability in dos (CVE-2026-8850). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8852 |
|
Vulnerability in dos (CVE-2026-8852)
vulnerability in dos (CVE-2026-8852). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-23918 |
|
Vulnerability in jvn (CVE-2026-23918)
vulnerability in jvn (CVE-2026-23918). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28780 |
|
Vulnerability in apache (CVE-2026-28780)
vulnerability in apache (CVE-2026-28780). Successful exploitation can lead to full system takeover.
|
| CVE-2024-38475 KEV |
|
[KEV] Vulnerability in Apache http-server (CVE-2024-38475)
vulnerability in Apache http-server (CVE-2024-38475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-3891 |
|
Vulnerability in apache (CVE-2025-3891)
vulnerability in apache (CVE-2025-3891). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2015-2808 |
|
Vulnerability in oracle (CVE-2015-2808)
vulnerability in oracle (CVE-2015-2808). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-42013 KEV |
|
[KEV] Path Traversal in Apache http-server (CVE-2021-42013)
path traversal in Apache http-server (CVE-2021-42013). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-41773 KEV |
|
[KEV] Path Traversal in Apache http-server (CVE-2021-41773)
path traversal in Apache http-server (CVE-2021-41773). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0211 KEV |
|
[KEV] Use-After-Free in Apache http-server (CVE-2019-0211)
vulnerability in Apache http-server (CVE-2019-0211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-41617 |
|
Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
|
| CVE-2020-1971 |
|
Vulnerability in dos (CVE-2020-1971)
vulnerability in dos (CVE-2020-1971). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-3250 |
|
Vulnerability in apache (CVE-2014-3250)
vulnerability in apache (CVE-2014-3250). Confidential information can be exposed externally.
|
| CVE-2017-1000118 |
|
Buffer Overflow in dos (CVE-2017-1000118)
vulnerability in dos (CVE-2017-1000118). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9798 |
|
Use-After-Free in c (CVE-2017-9798)
vulnerability in c (CVE-2017-9798). Confidential information can be exposed externally.
|
| CVE-2016-0736 |
|
Vulnerability in apache (CVE-2016-0736)
vulnerability in apache (CVE-2016-0736). Confidential information can be exposed externally.
|
| CVE-2016-2161 |
|
Vulnerability in apache (CVE-2016-2161)
vulnerability in apache (CVE-2016-2161). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8743 |
|
Vulnerability in apache (CVE-2016-8743)
vulnerability in apache (CVE-2016-8743). Data can be tampered with by attackers.
|
| CVE-2017-7659 |
|
Vulnerability in apache (CVE-2017-7659)
vulnerability in apache (CVE-2017-7659). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9789 |
|
Use-After-Free in apache (CVE-2017-9789)
vulnerability in apache (CVE-2017-9789). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9788 |
|
Vulnerability in apache (CVE-2017-9788)
vulnerability in apache (CVE-2017-9788). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2017-7679 |
|
Vulnerability in apache (CVE-2017-7679)
vulnerability in apache (CVE-2017-7679). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7668 |
|
Vulnerability in apache (CVE-2017-7668)
vulnerability in apache (CVE-2017-7668). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3169 |
|
Vulnerability in apache (CVE-2017-3169)
vulnerability in apache (CVE-2017-3169). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3167 |
|
Authentication Bypass in apache (CVE-2017-3167)
authentication bypass in apache (CVE-2017-3167). Successful exploitation can lead to full system takeover.
|
| CVE-2013-2566 |
|
Vulnerability in oracle (CVE-2013-2566)
vulnerability in oracle (CVE-2013-2566). Confidential information can be exposed externally.
|
| CVE-2009-3555 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555)
vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.5.33` or later.
|