PT-2025-29460 · D Link · Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.26A1 Description: A critical issue exists in the HTTP Request Handler component of the D-Link DI-8100. The vulnerability is a stack-based buffer overflow caused by manipulation of an unknown function within the...

PT-2025-29459 · D Link · Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.26A1 Description: A critical issue exists in the HTTP Request Handler component due to improper processing of the /arp sys.asp file. This can lead to a stack-based buffer overflow, potentially allowing for remote...

CBL Mariner 2.0 Security Update: ruby / rubygem-webrick (CVE-2025-6442)

The version of ruby / rubygem-webrick installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6442 advisory. - Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remot...

Azure Linux 3.0 Security Update: ruby / rubygem-webrick (CVE-2025-6442)

The version of ruby / rubygem-webrick installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6442 advisory. - Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remot...

CVE-2024-56468

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service...

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling through the processing of chunked encoded requests in parseheader function. An attacker can manipulate request boundaries by injecting conflicting Content-Length or Transfer-Encoding headers via trailers which can...

CVE-2024-56468 IBM InfoSphere Data Replication VSAM for z/OS Remote Source denial of service

IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service...

Security Bulletin: IBM Storage Ceph is vulnerable to HTTP Request/Response Smuggling and Unauthorized Exposure of Information in HAProxy (CVE-2023-40225, CVE-2023-0836, CVE-2023-25725, CVE-2023-45539)

Summary HAProxy is used by IBM Storage Ceph for Load Balancing. This bulletin identifies the steps to take to address the vulnerability in HAProxy. CVE-2023-40225, CVE-2023-0836, CVE-2023-25725, CVE-2023-45539. Vulnerability Details CVEID:CVE-2023-40225 DESCRIPTION: HAProxy through 2.0.32, 2.1.x...

Security Bulletin: Multiple vulnerabilities that affects IBM Db2 Data Management Console (CVE-2022-23648, CVE-2022-32149)

Summary The listed dependency packages are being used by IBM Db2 Data Management Console github.com/containerd/containerd, golang.org/x/text. This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2022-27664 DESCRIPTION: In net/http in Go befo...

CVE-2025-40710

Host Header Injection HHI vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Ho...

HTTP Request Smuggling (HRS)

webrick is vulnerable to HTTP Request Smuggling. The vulnerability is due to inconsistent parsing of HTTP header terminators in the readheaders method, which allows attackers to smuggle arbitrary HTTP requests when deployed behind certain HTTP proxies...

CVE-2024-51981

An unauthenticated attacker may perform a blind server side request forgery SSRF, due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control al...

Ruby WEBrick < 1.8.2 HTTP Request Smuggling

The version of the WEBrick Ruby library installed on the remote host is prior to 1.8.2. It is, therefore, affected by an HTTP request smuggling vulnerability in the readheader. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick...

Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

GHSA-R995-Q44H-HR64 Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

RHEL 8 : weldr-client (RHSA-2025:9845)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9845 advisory. Command line utility to control osbuild-composer Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http...

Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

UBUNTU-CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...