0

I have a personal server that contains important private files.

For a hobby project I need an external web application to access an *.xml file over a URL http://.. .

To provide this access I want to set up an Apache2 server on my Debian machine. Is there a security vulnerability (e.g. someone being able to use Apache2 to access my home directory)?

2
  • What guide did you use to set up Apache, and is SSH / etc. available from the web? If so, how is SSH secured? Commented Aug 18, 2017 at 12:56
  • @cutrightjm digitalocean.com/community/tutorials/…. SSH encryption can be enabled to access the server from remote. Commented Aug 18, 2017 at 12:59

1 Answer

3

Being 100% secure is impossible; however, you can do the following things to protect yourself and ensure that your information is going to be secure.

Enable SSH and change the default port:

You can follow this guide or any other guide that you want.

The reason: SSH ensures that nobody will intercept and understand your info while moving through the internet. The well-known port 22 is a starting point for a lot of automated tools, so changing the default can give you an extra chance to be protected.

Keep your server updated:

This is the most important part of any service that is available on the internet. Most of the attacks are not zero-day vulnerabilities; they are just unpatched versions that are vulnerable to a specific attack.

The reason: No matter how secure you think your server is, if it is outdated you will always be vulnerable to any kind of known attack, which makes a hacker's job a lot easier.

You can follow one of the many hardening guides

The reason: Hardening is not impossible to break, but it makes the task a lot harder, and because of that it is less probable that a hacker would spend more time on a single server when "in the wild" there are hundreds of vulnerable servers.

Last but not least

There are 3 ways to handle a risk in security:

You can mitigate, you can transfer or you can accept the risk.

If you think that your info is so important that you can't just accept that it could be hacked, you can spend a bit on a cloud server; this way the security will now be your provider's problem (except for private keys, etc.). You'll need to read the terms of every provider to make the best choice.

2
  • Changed the port and implemented most of the points in the hardening guide. Did not quite follow the SHH; did you mean SSH? Commented Aug 18, 2017 at 15:22
  • 1
    yes :p sorry, typo Commented Aug 18, 2017 at 15:42
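
As an added illustration of the setup in the question (not part of the answer above or of any guide it links to), here is an Apache 2.4 virtual host that serves one XML file and denies every other path on the filesystem, home directories included. The host name, directory and file name are assumptions.

```apache
# /etc/apache2/sites-available/xmlfeed.conf  (hypothetical file name)
# Assumed layout: the XML file is copied to /srv/xmlfeed/data.xml,
# outside /home, owned by root and readable by the www-data user.

<VirtualHost *:80>
    ServerName feed.example.org        # assumed host name
    DocumentRoot /srv/xmlfeed          # never point this at /home/<user>

    # Default-deny the whole filesystem for this site. Options None also
    # turns off directory listings and symlink following, so a stray
    # symlink inside the document root cannot lead into a home directory.
    <Directory />
        Options None
        AllowOverride None
        Require all denied
    </Directory>

    # Inside the document root, allow exactly one file by name.
    <Directory /srv/xmlfeed>
        Options None
        AllowOverride None
        Require all denied
        <Files "data.xml">
            Require all granted
        </Files>
    </Directory>
</VirtualHost>

# mod_userdir maps /~user/ URLs onto home directories. Keep it disabled
# (Debian: a2dismod userdir) and confirm with: apache2ctl -M
```

Enable the site with `a2ensite xmlfeed`, validate with `apache2ctl configtest`, then request both `data.xml` and any other path to confirm that only the first returns 200.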
