Vulnrichment, added 2025/06/30 10:37 a.m., 8 views

CVE-2025-40710 Host Header Injection (HHI) in the Hotspot Shield VPN client

Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Ho...

CVSS 2.3 | AI score 7.3 | EPSS 0.00269
Exploits 0 | References 1
Veracode, added 2025/06/30 7:09 a.m., 3 views

HTTP Request Smuggling (HRS)

webrick is vulnerable to HTTP Request Smuggling. The vulnerability is due to inconsistent parsing of HTTP header terminators in the readheaders method, which allows attackers to smuggle arbitrary HTTP requests when deployed behind certain HTTP proxies...

CVSS 6.5 | AI score 6.3 | EPSS 0.00422
Exploits 0 | References 5 | Affected Software 1
NVD, added 2025/06/27 1:15 p.m., 6 views

CVE-2025-53018

Lychee is a free, open-source photo-management tool. Prior to version 6.6.13, a critical Server-Side Request Forgery (SSRF) vulnerability exists in the /api/v2/Photo::fromUrl endpoint. This flaw lets an attacker instruct the application’s backend to make HTTP requests to any URL they choose...

CVSS 3 | EPSS 0.00168
Exploits 0 | References 2
OSV, added 2025/06/27 1:00 p.m., 4 views

CVE-2025-53018 Lychee has Server-Side Request Forgery (SSRF) in Photo::fromUrl API via unvalidated remote image URLs

Lychee is a free, open-source photo-management tool. Prior to version 6.6.13, a critical Server-Side Request Forgery (SSRF) vulnerability exists in the /api/v2/Photo::fromUrl endpoint. This flaw lets an attacker instruct the application’s backend to make HTTP requests to any URL they choose...

CVSS 3 | AI score 6.8 | EPSS 0.00168
Exploits 0 | References 4
RedhatCVE, added 2025/06/26 6:59 p.m., 5 views

CVE-2025-52887

A denial-of-service vulnerability, stemming from memory exhaustion, has been identified in the cpp-httplib C++ HTTP/HTTPS library. This flaw is a result of the library's insufficient limits on the processing of HTTP headers. A remote attacker could exploit this by sending specially crafted HTTP...

CVSS 7.5 | AI score 6.7 | EPSS 0.0043
Exploits 1 | References 5
NVD, added 2025/06/26 4:15 p.m., 7 views

CVE-2025-34043

A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated attackers to pass arbitrary commands to the underlying operating system via crafted HTTP requests...

CVSS 10 | EPSS 0.09001
Exploits 0 | References 6
Vulnrichment, added 2025/06/26 3:51 p.m., 3 views

CVE-2025-34043 Vacron NVR Remote Command Execution

A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated attackers to pass arbitrary commands to the underlying operating system via crafted HTTP requests...

CVSS 10 | AI score 8.6 | EPSS 0.09001
Exploits 0 | References 6
Circl, added 2025/06/21 5:08 a.m., 2 views

CVE-2020-36333

creationtimestamp | type | source
--- | --- | ---
2025-06-21 05:08:44+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36333.yaml
2025-06-24 21:02:25+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lseymlaka722...

CVSS 9.1 | AI score 9.3 | EPSS 0.03429
Exploits 1 | References 2
CVE, added 2025/06/20 6:37 p.m., 29 views

CVE-2025-34021

CVE-2025-34021 affects Selea Targa IP OCR-ANPR cameras (iZero, Targa 512, 504, Semplice, 704 TKM, 805, 710 INOX, 750, 704 ILB). Root cause: unvalidated JSON POST fields ipnotify_address and url used for image fetch/DNS checks, enabling an SSRF. Impact: remote unauthenticated attackers can for...

CVSS 7.8 | AI score 6.8 | EPSS 0.00526
In the wild | Exploits 1 | References 6
Github Security Blog, added 2025/06/18 5:50 p.m., 20 views

urllib3 does not control redirects in browsers and Node.js

urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means you can use Python libraries to make HTTP requests from your browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects. However, the retries...

CVSS 6.1 | AI score 7.1 | EPSS 0.00313
Exploits 0 | References 5 | Affected Software 1
Github Security Blog, added 2025/06/17 8:14 p.m., 20 views

Langflow Unauth RCE

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...

CVSS 9.8 | AI score 9.9 | EPSS 0.99959
Exploits 33 | References 9 | Affected Software 2
Positive Technologies, added 2025/06/16 12:00 a.m., 4 views

PT-2025-25556

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.0.0 through 7.4.3.21; Liferay DXP versions 7.4 GA through update 9; Liferay DXP versions 7.3 GA through update 25; Liferay DXP older unsupported versions. Description: The issue allows remote attackers to consume system...

CVSS 8.7 | AI score 6.7 | EPSS 0.00476
Exploits 0 | References 16
RedhatCVE, added 2025/06/14 2:24 p.m., 3 views

CVE-2025-49181

Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log files’ root path as well as the TCP ports the service is running on, leading to a Denial of Service atta...

CVSS 8.6 | AI score 8.4 | EPSS 0.0034
Exploits 0 | References 1
RedhatCVE, added 2025/06/12 5:06 p.m., 6 views

CVE-2023-48786

A server-side request forgery vulnerability (CWE-918) in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests...

CVSS 4.3 | AI score 4.6 | EPSS 0.00277
Exploits 0 | References 1
RedhatCVE, added 2025/06/12 5:05 p.m., 5 views

CVE-2025-22256

An improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows an attacker to gain improper access control via specially crafted HTTP requests...

CVSS 8.8 | AI score 6.3 | EPSS 0.00303
Exploits 0 | References 1
NVD, added 2025/06/12 2:15 p.m., 14 views

CVE-2025-49181

Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log files’ root path as well as the TCP ports the service is running on, leading to a Denial of Service atta...

CVSS 8.6 | EPSS 0.0034
Exploits 0 | References 6
OSV, added 2025/06/10 5:21 p.m., 1 view

CVE-2025-22256

An improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows an attacker to gain improper access control via specially crafted HTTP requests...

CVSS 8.8 | AI score 5.8 | EPSS 0.00303
Exploits 0 | References 1
NVD, added 2025/06/10 5:21 p.m., 6 views

CVE-2025-22256

An improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows an attacker to gain improper access control via specially crafted HTTP requests...

CVSS 8.8 | EPSS 0.00303
Exploits 0 | References 1
Vulnrichment, added 2025/06/10 4:36 p.m., 6 views

CVE-2025-22256

An improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows an attacker to gain improper access control via specially crafted HTTP requests...

CVSS 6.3 | AI score 7.1 | EPSS 0.00303
Exploits 0 | References 1
CVE, added 2025/06/10 4:36 p.m., 45 views

CVE-2025-22256

CVE-2025-22256 affects Fortinet FortiPAM and FortiSRA where improper handling of permissions enables improper access control via specially crafted HTTP requests. Affected: FortiPAM 1.0.0–1.4.1 and FortiSRA 1.4.0–1.4.1 (per multiple connected sources). Root cause: insufficient permissions handling...

CVSS 8.8 | AI score 6.4 | EPSS 0.00303
Exploits 0 | References 1 | Affected Software 1