Software Detail

Software Informaton Top

Web Server

Software Detail

Apache HTTP Server

Number Of NVD

298

CRITICAL

HIGH

101

MEDIUM

159

LOW

URL	https://httpd.apache.org/
Explanation	It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache. The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server". It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag	オープンソース Apache License v2.0

Add Information URL

No	Type	Name	URL
1			https://httpd.apache.org/download.cgi

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Security Support Service Pack Support	Critical	High	Medium	Low
181	New!! Apache HTTP Server 2.4	2.4.68	June 8, 2026	Feb. 21, 2012		22	39	36	1
182	Apache HTTP Server 2.0	2.0.65	July 10, 2013	April 6, 2002	July 10, 2013	9	29	73	5
183	Apache HTTP Server 2.3	2.3.9				8	10	9	0
184	Apache HTTP Server 2.2	2.2.9				12	21	69	7
185	Apache HTTP Server 2.1	2.1.9				9	10	13	0
186	Apache HTTP Server 2.0	2.0.9				9	22	54	4
187	Apache HTTP Server 12.2	12.2.1.3.0				0	0	0	0
188	Apache HTTP Server 12.1	12.1.3.0.0				0	0	0	0
189	Apache HTTP Server 11.1	11.1.1.9.0				0	0	0	0
190	Apache HTTP Server 1.99	1.99				9	12	12	0
191	Apache HTTP Server 1.4	1.4.0				9	12	12	0
192	Apache HTTP Server 1.3	1.3.9				10	28	43	3
193	Apache HTTP Server 1.2	1.2.9				9	17	19	0
194	Apache HTTP Server 1.15	1.15.17				9	13	12	0
195	Apache HTTP Server 1.1	1.1.1				9	19	20	0
196	Apache HTTP Server 1.0	1.0.5				9	18	20	0
197	Apache HTTP Server 0.8	0.8.14				9	17	19	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
181	- 4.3	MEDIUM	Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via…	CWE-200 Information Exposure	CVE-2007-6514	cpe:2.3:a:apache:http_server:2.2.6:* cpe:2.3:a:apache:http_server:2.2.6:*				2026-04-23 09:35 2007-12-22	Show	GitHub Exploit DB Packet Storm

182	- 4.3	MEDIUM	Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server …	CWE-79 Cross-site Scripting	CVE-2007-5000	cpe:2.3:a:apache:http_server::	1.3.0 2.0.35 2.2.0	1.3.39 2.0.61 2.2.6		2026-04-23 09:35 2007-12-14	Show	GitHub Exploit DB Packet Storm

183	- 4.3	MEDIUM	Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might all…	CWE-79 Cross-site Scripting	CVE-2007-6203	cpe:2.3:a:apache:http_server:2.2.4:* cpe:2.3:a:apache:http_server:2.2.3:* cpe:2.3:a:apache:http_server:2.2.2:*				2026-04-23 09:35 2007-12-4	Show	GitHub Exploit DB Packet Storm

184	6.1 4.3	MEDIUM Network	Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbit…	CWE-79 Cross-site Scripting	CVE-2007-4465	cpe:2.3:a:apache:http_server::	2.0.0 2.2.0		2.0.61 2.2.6	2026-04-23 09:35 2007-09-14	Show	GitHub Exploit DB Packet Storm

185	- 5.0	MEDIUM	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process c…	CWE-125 Out-of-bounds Read	CVE-2007-3847	cpe:2.3:a:apache:http_server::	2.0.35 2.2.0		2.0.61 2.2.6	2026-04-23 09:35 2007-08-24	Show	GitHub Exploit DB Packet Storm

186	- 4.3	MEDIUM	Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote …	NVD-CWE-Other	CVE-2006-5752	cpe:2.3:a:apache:http_server::	1.3.2 2.0.0 2.2.0		1.3.39 2.0.61 2.2.6	2026-04-23 09:35 2007-06-28	Show	GitHub Exploit DB Packet Storm

187	- 5.0	MEDIUM	cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service …	NVD-CWE-Other	CVE-2007-1863	cpe:2.3:a:apache:http_server::	2.0.37 2.2.0		2.0.61 2.2.6	2026-04-23 09:35 2007-06-28	Show	GitHub Exploit DB Packet Storm

188	- 4.9	MEDIUM	Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by…	CWE-94 Code Injection	CVE-2007-3303	cpe:2.3:a:apache:http_server:2.2.4:* cpe:2.3:a:apache:http_server:2.0.59:*				2026-04-23 09:35 2007-06-21	Show	GitHub Exploit DB Packet Storm

189	- 4.7	MEDIUM	Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary pr…	NVD-CWE-noinfo	CVE-2007-3304	cpe:2.3:a:apache:http_server::	1.3.0 2.0.0 2.2.0		1.3.39 2.0.61 2.2.6	2026-04-23 09:35 2007-06-21	Show	GitHub Exploit DB Packet Storm

190	- 5.0	MEDIUM	The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which cou…	NVD-CWE-Other	CVE-2007-1862	cpe:2.3:a:apache:http_server:2.2.4:*				2026-04-23 09:35 2007-06-5	Show	GitHub Exploit DB Packet Storm