Vulnerabilities > Oracle > Http Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-11 | CVE-2019-0197 | HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. | 4.2 |
| 2019-04-08 | CVE-2019-0211 | Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. | 7.8 |
| 2019-04-08 | CVE-2019-0217 | Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | 7.5 |
| 2019-02-06 | CVE-2019-3823 | Out-of-bounds Read vulnerability in multiple products libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. | 7.5 |
| 2019-02-06 | CVE-2019-3822 | Out-of-bounds Write vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. | 9.8 |
| 2019-02-06 | CVE-2018-16890 | Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. | 7.5 |
| 2019-01-16 | CVE-2019-2414 | Unspecified vulnerability in Oracle Http Server 12.2.1.3.0 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). | 7.8 |
| 2018-04-19 | CVE-2018-2760 | Unspecified vulnerability in Oracle Http Server 12.1.3/12.2.1.2 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). | 5.9 |
| 2018-01-18 | CVE-2018-2561 | Unspecified vulnerability in Oracle Http Server Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). | 5.3 |
| 2016-07-21 | CVE-2016-3482 | Unspecified vulnerability in Oracle Http Server 11.1.1.9/12.1.3.0 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 and 12.1.3.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Module. | 3.7 |