apache

3,096 tracked vulnerabilities.

CVE-2006-20001 HIGH
Apache HTTP Server < 2.4.55 - Out-of-bounds Write via If Header
Jan 17, 2023
CVSS 7.5
EPSS 0.04
CVE-2006-7216
Apache Derby <10.2.1.6 - Privilege Escalation
Jul 05, 2007
EPSS 0.02
CVE-2006-7217
Apache Derby <10.2.1.6 - Privilege Escalation
Jul 05, 2007
EPSS 0.02
CVE-2006-5752
Apache HTTP Server 1.3.2-1.3.38 - Cross-Site Scripting in mod_status
Jun 27, 2007
EPSS 0.28
CVE-2006-7195
Apache Tomcat 5.0.0-5.0.30 and 5.5.0-5.5.17 - Cross-Site Scripting via Header Values
May 10, 2007
EPSS 0.05
CVE-2006-7196
Apache Tomcat 4.0.0-4.1.31 - Cross-Site Scripting via Calendar Time Parameter
May 10, 2007
EPSS 0.72
CVE-2006-7197
Apache Tomcat 5.5.15 - Memory Corruption
Apr 25, 2007
EPSS 0.08
CVE-2006-6587
Apache OFBiz - Stored Cross-Site Scripting in Ecommerce Forum Message Posting
Dec 15, 2006
EPSS 0.08
CVE-2006-6588
Apache OFBiz - Unauthenticated Content Type Manipulation via Hidden Form Fields
Dec 15, 2006
EPSS 0.02
CVE-2006-6589
Apache Open For Business Project (OFBiz) and Opentaps 0.9.3 - XSS
Dec 15, 2006
EPSS 0.03
CVE-2006-4154
Apache HTTP Server mod_tcl 1.0 - Remote Code Execution via Format String Specifiers
Oct 16, 2006
EPSS 0.16
CVE-2006-4110
Apache HTTP Server 2.2.2 - Source Code Disclosure via Case-Insensitive ScriptAlias Bypass
Aug 14, 2006
EPSS 0.39
CVE-2006-3747
Apache HTTP Server 1.3.28-1.3.36 & 2.0.46-2.0.58 - DoS & RCE via mod_rewrite LDAP Handling
Jul 28, 2006
EPSS 0.96
CVE-2006-3918
Apache HTTP Server 1.3.3-1.3.34 - Cross-Site Scripting via Expect Header
Jul 28, 2006
EPSS 0.95
CVE-2006-3835
Apache Tomcat <5.5.17 - Path Traversal
Jul 25, 2006
EPSS 0.46
CVE-2006-2447
SpamAssassin - Remote Code Execution via Crafted Message with Virtual Pop Username
Jun 06, 2006
EPSS 0.75
CVE-2006-2806
Apache James 2.2.0 - Denial of Service via Long MAIL Command Argument
Jun 05, 2006
EPSS 0.06
CVE-2006-1546
Apache Struts < 1.2.9 - Request Validation Bypass via Cancel Parameter
Mar 30, 2006
EPSS 0.06
CVE-2006-1547 HIGH KEV
Apache Struts < 1.2.9 - Denial of Service via Multipart Form Parameter Manipulation
Mar 30, 2006
CVSS 7.5
EPSS 0.55
CVE-2006-1548
Apache Struts < 1.2.9 - Cross-Site Scripting via Parameter Name in Error Message
Mar 30, 2006
EPSS 0.05
CVE-2006-0743
Apache log4net 1.2.9 - Denial of Service via Format String in LocalSyslogAppender
Mar 09, 2006
EPSS 0.06
CVE-2006-1095
Apache mod_python 3.2.7 - Local Arbitrary Code Execution via FileSession Session Cookie
Mar 09, 2006
EPSS 0.01
CVE-2006-0042
Apache libapreq2 < 2.07 - Denial of Service via Quadratic Computational Complexity
Feb 18, 2006
EPSS 0.06
CVE-2006-0254
Apache Geronimo 1.0 - Cross-Site Scripting via cal2.jsp Time Parameter and Invalid Parameters
Jan 18, 2006
EPSS 0.32
CVE-2005-3357
Apache HTTP Server <= 2.0.55 - Denial of Service via Non-SSL Request to SSL Port
Dec 31, 2005
EPSS 0.24