Max CVSS 5.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-3185 4.3
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote
06-06-2021 - 11:15 20-07-2015 - 23:59
CVE-2015-3183 5.0
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large c
06-06-2021 - 11:15 20-07-2015 - 23:59
CVE-2015-0228 5.0
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script ha
06-06-2021 - 11:15 08-03-2015 - 02:59
CVE-2015-0253 5.0
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending
06-06-2021 - 11:15 20-07-2015 - 23:59
Back to Top Mark selected
Back to Top