Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Server

Oracle HTTP Server

Oracle HTTP Server is a web server based on the Apache HTTP Server created by the Oracle Technology Network.

Official Site:

https://www.oracle.com/middleware/technologies/webtier-downloads.html#server3

Severity Summary:

Critical: 27 High: 39 Medium: 33 Low: 4
Reference
Title
Severity
CVE-2026-21962
Oracle HTTP Server Improper Access Control Vulnerability
Critical
CVE-2022-25236
Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability
Critical
CVE-2022-22720
Oracle HTTP Server Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Critical
CVE-2020-35169
Oracle HTTP Server Improper Input Validation Vulnerability
Critical
CVE-2020-35168
Oracle HTTP Server Other Vulnerability
Critical
CVE-2019-5482
Oracle HTTP Server Out-of-bounds Write Vulnerability
Critical
CVE-2020-35167
Oracle HTTP Server Other Vulnerability
Critical
CVE-2020-35166
Oracle HTTP Server Other Vulnerability
Critical
CVE-1999-1125
Oracle HTTP Server Other Vulnerability
Critical
CVE-2022-23943
Oracle HTTP Server Out-of-bounds Write Vulnerability
Critical
CVE-2020-29506
Oracle HTTP Server Other Vulnerability
Critical
CVE-2020-29507
Oracle HTTP Server Improper Input Validation Vulnerability
Critical
CVE-2020-29508
Oracle HTTP Server Improper Input Validation Vulnerability
Critical
CVE-2020-35163
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability
Critical
CVE-2006-5354
Oracle HTTP Server Other Vulnerability
Critical
CVE-2006-5349
Oracle HTTP Server Other Vulnerability
Critical
CVE-2021-39275
Oracle HTTP Server Out-of-bounds Write Vulnerability
Critical
CVE-2006-5348
Oracle HTTP Server Other Vulnerability
Critical
CVE-2006-5347
Oracle HTTP Server Other Vulnerability
Critical
CVE-2022-25235
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability
Critical
CVE-2021-44790
Oracle HTTP Server Out-of-bounds Write Vulnerability
Critical
CVE-2019-10082
Oracle HTTP Server Use After Free Vulnerability
Critical
CVE-2022-22721
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability
Critical
CVE-2019-3822
Oracle HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2021-40438
Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability
Critical
CVE-2010-0425
Oracle HTTP Server Vulnerability
Critical
CVE-2022-25315
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability
Critical
CVE-2021-4034
Oracle HTTP Server Out-of-bounds Write Vulnerability
High
CVE-2022-22719
Oracle HTTP Server Improper Initialization Vulnerability
High
CVE-2022-21716
Oracle HTTP Server Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability
High