2440 matches found
EUVD-2022-39892
Malicious code in bioql PyPI...
EUVD-2023-29978
Malicious code in bioql PyPI...
EUVD-2025-19198
Malicious code in bioql PyPI...
Unspecified Vulnerability in Akinsoft QR Menü
Akinsoft QR Menü is a digitized QR code menu system from Akinsoft Turkey. Akinsoft QR Menü s versions prior to 1.05.05 to v1.05.12 contain a security vulnerability that originates from improper certificate validation, which can be exploited by an attacker to cause HTTP response splitting...
CVE-2024-12973
Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTTP Response Splitting, CAPEC - 87 - Forceful Browsing. This issue affects OctoCloud: from s1.09.01 before v1.11.01...
CVE-2024-12925
Improper Validation of Certificate with Host Mismatch vulnerability in Akınsoft QR Menü allows HTTP Response Splitting. This issue affects QR Menü: from s1.05.05 before v1.05.12...
CVE-2024-12925
CVE-2024-12925 concerns Akınsoft QR Menü. Multiple connected sources confirm a vulnerability in versions s1.05.05 through v1.05.11 due to improper validation of certificates with host mismatch, enabling HTTP response splitting. The issue originates in the certificate-host validation logic for the...
CVE-2024-12925 Host Header Injection in Akinsoft's QR Menu
Improper Validation of Certificate with Host Mismatch vulnerability in Akınsoft QR Menü allows HTTP Response Splitting. This issue affects QR Menü: from s1.05.05 before v1.05.12...
PT-2025-35481
Name of the Vulnerable Software and Affected Versions: Akınsoft QR Menü versions s1.05.05 through v1.05.11. Description: Improper validation of certificates with host mismatch in Akınsoft QR Menü allows for HTTP Response Splitting. Recommendations: Update Akınsoft QR Menü to version 1.05.12 or lat...
Linux Distros Unpatched Vulnerability : CVE-2020-11709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection...
DEBIAN-CVE-2025-40927
CGI::Simple versions before 1.282 for Perl have an HTTP response splitting flaw. This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions. Although some...
Linux Distros Unpatched Vulnerability : CVE-2017-7443
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0ad...
F5 Networks BIG-IP : Apache HTTP server vulnerability (K000153074)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000153074 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the...
Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities due to the included Apache HTTP Server
Summary: There are multiple vulnerabilities in Apache HTTP Server which affect the IBM HTTP Server used by IBM WebSphere Application Server. Vulnerability Details: CVEID: CVE-2024-43204. DESCRIPTION: SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2025:02684-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02684-1 advisory. - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 CVE-2024-47252: Fixed insufficient...
Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2025-1125)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1125 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the...
Amazon Linux 2 : httpd (ALAS-2025-2958)
The version of httpd installed on the remote host is prior to 2.4.64-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2958 advisory. HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response...
CVE-2025-41376
CRLF Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid//token/fwyfw%0d%0aCookie:%20POC'...
SUSE SLES12 Security Update : apache2 (SUSE-SU-2025:02565-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02565-1 advisory. - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to...