Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-17420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the httpheader signature to not alert on a...

5.3CVSS5.7AI score0.01355EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/06/25 12:20 p.m.4 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00682EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2022/09/13 9:59 a.m.1 views

nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding

A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling HRS, causing web cache poisoning, and conducting XSS attacks...

6.5CVSS7.3AI score0.34494EPSS
Exploits1References5
OSV
OSVadded 2021/02/05 11:2 a.m.2 views

OESA-2021-1032 varnish security update

This is Varnish Cache, a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x,...

7.8CVSS7AI score0.059EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2020/03/31 7:36 p.m.15 views

php: Stack-based buffer under-read in php_stream_url_wrap_http_ex() in http_fopen_wrapper.c when parsing HTTP response

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the phpstreamurlwraphttpex function in ext/standard/httpfopenwrapper.c. This subsequently results in copying a large string...

9.8CVSS7.5AI score0.87883EPSS
Exploits3References4
CNVD
CNVDadded 2017/07/12 12:0 a.m.3 views

Microsoft Edge Spoofing Vulnerability (CNVD-2017-14641)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly parse HTTP content and has a spoofing vulnerability in its implementation. An attacker could exploit the vulnerability to trick users into opening malicious websites, among other things...

6.5CVSS6.5AI score0.11495EPSS
Exploits0References1
Rows per page
Query Builder