Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 1:21 a.m.7 views

CVE-2022-21826

Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down...

5.4CVSS6.6AI score0.45229EPSS
Exploits0References1
Ivanti
Ivantiadded 2023/02/14 7:22 a.m.17 views

SA45476 - Client Side Desync Attack (Informational)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Portswigger has provided a responsible disclosure of a vulnerability that affects the Pulse Collaboration feature. Their write up can be found here:...

5.4CVSS6.5AI score0.45229EPSS
Exploits0
Circl
Circladded 2022/09/30 8:36 p.m.5 views

CVE-2022-21826

creationtimestamp| type| source ---|---|--- 2022-09-30 20:36:26+00:00| seen| https://t.me/cibsecurity/50786...

5.4CVSS5.5AI score0.45229EPSS
Exploits0References1
CVE
CVEadded 2022/09/30 4:24 p.m.66 views

CVE-2022-21826

Pulse Connect Secure (Pulse Secure) versions 9.115 and below are affected by a client-side HTTP request smuggling vulnerability. When handling a POST request, the application may ignore the Content-Length header and keep the POST body on the TCP/TLS socket, causing the body to prefix the next HTT...

5.4CVSS5.3AI score0.45229EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder