CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/23 4:47 a.m.•5 views

CVE-2023-4463

A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated remotely. The exploit...

7.5CVSS7AI score0.00096EPSS

Exploits1

RedhatCVE•added 2025/05/23 4:27 a.m.•4 views

CVE-2023-4965

A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...

4.8CVSS6.8AI score0.00175EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:3 a.m.•4 views

CVE-2019-25101

A vulnerability classified as critical has been found in OnShift TurboGears 1.0.11.10. This affects an unknown part of the file turbogears/controllers.py of the component HTTP Header Handler. The manipulation leads to http response splitting. It is possible to initiate the attack remotely...

9.8CVSS6.9AI score0.00628EPSS

CNVD•added 2025/05/14 12:0 a.m.•1 views

D-Link DIR-880L /htdocs/ssdpcgi File Command Injection Vulnerability

The D-Link DIR-880L is a dual-band Gigabit wireless router from China's AUO D-Link. The D-Link DIR-880L suffers from a command injection vulnerability, which arises from the failure of the file /htdocs/ssdpcgi in the component Request Header Handler to correctly filter the constructed command...

9.8CVSS6.5AI score0.01345EPSS

RedhatCVE•added 2025/05/08 7:11 a.m.•6 views

CVE-2025-4328

A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file...

5.1CVSS6.9AI score0.00134EPSS

Vulnrichment•added 2025/05/06 8:31 a.m.•8 views

CVE-2025-4341 D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command...

6.5CVSS7.5AI score0.01345EPSS

Exploits0References5

NVD•added 2025/05/06 7:15 a.m.•8 views

CVE-2025-4328

5.1CVSS0.00134EPSS

Positive Technologies•added 2025/05/06 12:0 a.m.•4 views

PT-2025-19924 · Unknown · Spring-Cloud-Base

Name of the Vulnerable Software and Affected Versions: spring-cloud-base versions up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa Description: A problem has been declared in the function sendBack of the file...

5.1CVSS3.7AI score0.00134EPSS

Exploits0References8

CNNVD•added 2025/05/06 12:0 a.m.•1 views

spring-cloud-base 安全漏洞

spring-cloud-base is an application by fp2952 individual developer. A security vulnerability exists in spring-cloud-base, which originates in the component HTTP Header Handler in the file /spring-cloud-base-master/auth-center/auth-center-provider/src/main/java/com/...

5.1CVSS4.8AI score0.00134EPSS

OSV•added 2025/03/27 4:15 a.m.•1 views

CVE-2025-2833

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to inefficient regular expression complexity. It is possible to launch th...

6.9CVSS4.8AI score0.00338EPSS

CVE•added 2025/03/27 4:0 a.m.•61 views

CVE-2025-2833

The CVE-2025-2833 entry concerns zhangyd-c OneBlog (≤2.3.9) where the HTTP Header Handler’s handling of X-Forwarded-For allows an attack via insufficient regular-expression complexity (a ReDoS-like issue). A remote attacker could exploit this vulnerability; exploitation details are present in con...

6.9CVSS6.9AI score0.00338EPSS

Exploits1References5Affected Software1

NVD•added 2025/03/17 3:15 a.m.•13 views

CVE-2025-2358

A vulnerability was found in Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Kfxt/Service.asmx of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For lead...

6.5CVSS0.0009EPSS

Cvelist•added 2025/03/17 3:0 a.m.•14 views

CVE-2025-2358 Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injection

6.5CVSS0.0009EPSS

CVE•added 2025/03/17 3:0 a.m.•65 views

CVE-2025-2358

CVE-2025-2358 affects Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System 1.0. The vulnerability is an SQL injection in the HTTP Header Handler, triggered by manipulating the X-Forwarded-For argument in requests to /Kfxt/Service.asmx. It is described as remotely exploitable and has...

6.5CVSS6.8AI score0.0009EPSS

NVD•added 2025/03/03 5:15 p.m.•11 views

CVE-2025-1876

A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function httprequestparse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched...

9.8CVSS0.01397EPSS

Vulnrichment•added 2025/03/03 5:0 p.m.•6 views

CVE-2025-1876 D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow

7.5CVSS7.3AI score0.01397EPSS

CVE•added 2025/03/03 5:0 p.m.•52 views

CVE-2025-1876

CVE-2025-1876 affects D-Link DAP-1562 running version 1.10. The issue is a stack-based buffer overflow in the HTTP Header Handler’s http_request_parse function triggered by manipulation of the Authorization argument. The vulnerability can be exploited remotely to potentially execute arbitrary cod...

9.8CVSS7.1AI score0.01397EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/03/03 5:0 p.m.•8 views

CVE-2025-1876 D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow

7.5CVSS0.01397EPSS