Web Server

Apache HTTP Server

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Official Site:

https://httpd.apache.org/

Severity Summary:

Critical: 36 High: 108 Medium: 165 Low: 14

Reference

Title

Severity

CVE-2012-1181

Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Medium

CVE-2007-4465

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2015-0228

Apache HTTP Server Improper Input Validation Vulnerability

Medium

CVE-2012-3502

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Medium

CVE-2016-4975

Apache HTTP Server Improper Neutralization of CRLF Sequences (CRLF Injection) Vulnerability

Medium

CVE-2018-1302

Apache HTTP Server NULL Pointer Dereference Vulnerability

Medium

CVE-2026-34032

Apache HTTP Server Out-of-bounds Read Vulnerability

Medium

CVE-2026-33857

Apache HTTP Server Out-of-bounds Read Vulnerability

Medium

CVE-2026-33523

Apache HTTP Server Other Vulnerability

Medium

CVE-2026-33007

Apache HTTP Server NULL Pointer Dereference Vulnerability

Medium

CVE-2026-33006

Apache HTTP Server Observable Timing Discrepancy Vulnerability

Medium

CVE-2017-12171

Apache HTTP Server Improper Input Validation Vulnerability

Medium

CVE-2018-11763

Apache HTTP Server Vulnerability

Medium

CVE-2018-1283

Apache HTTP Server Vulnerability

Medium

CVE-2019-0220

Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability

Medium

CVE-2026-29170

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2019-0196

Apache HTTP Server Use After Free Vulnerability

Medium

CVE-2019-10098

Apache HTTP Server URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Medium

CVE-2019-10092

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2020-11985

Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability

Medium

CVE-2026-44119

Apache HTTP Server Improper Privilege Management Vulnerability

Medium

CVE-2018-1301

Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Medium

CVE-2025-65082

Apache HTTP Server Improper Neutralization of Escape Meta or Control Sequences Vulnerability

Medium

CVE-2012-4557

Apache HTTP Server Resource Management Errors Vulnerability

Medium

CVE-2014-3583

Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Medium

CVE-2012-3499

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2012-4558

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2013-4352

Apache HTTP Server Other Vulnerability

Medium

CVE-2014-0117

Apache HTTP Server Improper Input Validation Vulnerability

Medium

CVE-2014-0231

Apache HTTP Server Resource Management Errors Vulnerability

Medium