Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Http_server
(Oracle)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 100 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-03-14 | CVE-2022-22721 | If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. | Http_server, Mac_os_x, Macos, Debian_linux, Fedora, Enterprise_manager_ops_center, Http_server, Zfs_storage_appliance_kit | 9.1 | ||
2022-03-14 | CVE-2022-23943 | Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. | Http_server, Debian_linux, Fedora, Http_server, Zfs_storage_appliance_kit | 9.8 | ||
2023-10-17 | CVE-2023-22019 | Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HTTP Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). ... | Http_server | 7.5 | ||
2015-04-01 | CVE-2015-2808 | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. | Ubuntu_linux, Debian_linux, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m4000_firmware, Sparc_enterprise_m5000_firmware, Sparc_enterprise_m8000_firmware, Sparc_enterprise_m9000_firmware, 9700_firmware, E6000_firmware, E9000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_9000_firmware, Oceanstor_cse_firmware, Oceanstor_hvs85t_firmware, Oceanstor_replicationdirector, Oceanstor_s2600t_firmware, Oceanstor_s5500t_firmware, Oceanstor_s5600t_firmware, Oceanstor_s5800t_firmware, Oceanstor_s6800t_firmware, Oceanstor_vis6600t_firmware, Policy_center, Quidway_s9300_firmware, S12700_firmware, S2700_firmware, S2750_firmware, S3700_firmware, S5700ei_firmware, S5700hi_firmware, S5700li_firmware, S5700s\-Li_firmware, S5700si_firmware, S5710ei_firmware, S5710hi_firmware, S5720ei_firmware, S5720hi_firmware, S6700_firmware, S7700_firmware, Smc2\.0, Te60_firmware, Ultravr, Cognos_metrics_manager, Opensuse, Communications_application_session_controller, Communications_policy_management, Http_server, Integrated_lights_out_manager_firmware, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Manager | N/A | ||
2022-06-01 | CVE-2020-26184 | Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate Validation vulnerability. | Bsafe_micro\-Edition\-Suite, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 7.5 | ||
2022-06-01 | CVE-2020-26185 | Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability. | Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 7.5 | ||
2022-07-11 | CVE-2020-29506 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 9.8 | ||
2022-07-11 | CVE-2020-29507 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 9.8 | ||
2022-07-11 | CVE-2020-29508 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 9.8 | ||
2022-07-11 | CVE-2020-35163 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Database, Http_server, Security_service, Weblogic_server_proxy_plug\-In | 9.8 |