CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4424 matches found

RedhatCVE•added 2026/01/09 10:47 a.m.•3 views

CVE-2022-31779

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

7.5CVSS6.6AI score0.02849EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:45 a.m.•2 views

CVE-2022-0618

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSHPROMISE frame where the frame contains padding information...

7.8CVSS6.8AI score0.01019EPSS

Exploits0References1

SUSE Linux•added 2026/01/05 10:52 a.m.•2 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-12105: Fixed heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.8CVSS6.7AI score0.00071EPSS

Exploits0References4

Atlassian•added 2025/12/03 10:10 a.m.•11 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2025-55163 was introduced in 10.3.0, and 11.0.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

8.2CVSS6.8AI score0.00053EPSS

Exploits1

Tenable Nessus•added 2025/11/13 12:0 a.m.•7 views

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-44487)

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

7.5CVSS7AI score0.94395EPSS

Exploits19References10

OpenVAS•added 2025/11/12 12:0 a.m.•1 views

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2335)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03545EPSS

Exploits0References2

EUVD•added 2025/10/21 8:3 p.m.•2 views

EUVD-2025-35257

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP/2 to compromise Oracle WebLogic Server...

7.5CVSS5.8AI score0.00054EPSS

Exploits0References1

F5 Networks•added 2025/10/15 11:1 a.m.•11 views

K000150752: BIG-IP HTTP/2 vulnerability CVE-2025-55669

Security Advisory Description When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-55669 Impact Traffic is disrupted for new client...

8.7CVSS6.9AI score0.00325EPSS

Exploits0Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-4905

Malware in sbrugna...

7.5CVSS7.5AI score0.00786EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-18890

Malware in sbrugna...

7.8CVSS7.9AI score0.03578EPSS

Exploits0References37