Lucene search
K

88 matches found

Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.6 views

PT-2026-21505

Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message framing, depending on the Akamai processing pat...

4CVSS5.5AI score0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/23 12:0 a.m.30 views

CVE-2026-26365

Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message framing, depending on the Akamai processing pat...

4CVSS0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/23 12:0 a.m.9 views

Akamai Ghost 环境问题漏洞

Akamai Ghost is an HTTP service program developed by the American company Akamai. Versions of Akamai Ghost prior to 2026-02-06 contained environmental issues. These issues stemmed from improper handling of custom hop-by-hop HTTP headers, which could lead to HTTP requests being interspersed with...

4CVSS7.5AI score0.00177EPSS
Exploits0References1
Fedora
Fedora
added 2026/02/15 1:13 a.m.18 views

[SECURITY] Fedora 43 Update: nginx-mod-fancyindex-0.5.2-15.fc43

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

8.2CVSS5.5AI score0.00339EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/17 7:15 p.m.18 views

CVE-2021-47844

Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...

6.1CVSS7.7AI score0.00347EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 7:16 p.m.3 views

CVE-2021-47844

Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...

6.1CVSS0.00347EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/16 7:9 p.m.3 views

CVE-2021-47844 Xmind 2020 - Persistent Cross-Site Scripting

Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...

6.1CVSS7.3AI score0.00347EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/16 7:9 p.m.4 views

CVE-2021-47844

Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...

6.1CVSS6.1AI score0.00347EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/01/16 7:9 p.m.31 views

CVE-2021-47844

CVE-2021-47844 affects Xmind 2020, describing a persistent cross-site scripting vulnerability in mind mapping files or custom headers that can embed JavaScript to execute commands when opened, enabling remote code execution via user interaction. The documents consistently identify the affected pr...

6.1CVSS7.3AI score0.00347EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/16 7:9 p.m.26 views

CVE-2021-47844 Xmind 2020 - Persistent Cross-Site Scripting

Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...

6.1CVSS0.00347EPSS
Exploits0References4
Fedora
Fedora
added 2026/01/03 12:42 a.m.9 views

[SECURITY] Fedora 43 Update: nginx-mod-fancyindex-0.5.2-13.fc43

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

6.3CVSS6.6AI score0.00371EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/12/11 10:5 p.m.152 views

Exploit for Deserialization of Untrusted Data in Facebook React

react2shellburp CVE-2025-55182 Burp Suite extension for ide...

10CVSS7AI score0.99562EPSS
Exploits372
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.4 views

Custom HTTP Header Detected

This is an informational notice that the scanner was able to detect custom HTTP headers in the target application's responses. No source data...

6.9AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2757

Malware in sbrugna...

9.8CVSS8.3AI score0.04218EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16398

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.00511EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-1783

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.0039EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-8671

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00216EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-8670

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00198EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-3767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless ...

7.7CVSS6.7AI score0.00746EPSS
Exploits1References2
OSV
OSV
added 2025/06/03 5:28 p.m.4 views

GO-2025-3722 Fabio allows HTTP clients to manipulate custom headers it adds in github.com/fabiolb/fabio

Fabio allows HTTP clients to manipulate custom headers it adds in github.com/fabiolb/fabio...

9.1CVSS9.6AI score0.00511EPSS
Exploits1References3
Rows per page
Query Builder