Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2026/05/13 12:0 a.m.4 views

PT-2026-40608

Name of the Vulnerable Software and Affected Versions bandit versions 1.6.1 through 1.11.0 Description An infinite loop in the do read chunked data!/5 function within lib/bandit/http1/socket.ex allows unauthenticated remote attackers to cause a denial of service via worker process exhaustion. The...

8.7CVSS5.8AI score0.01063EPSS
Exploits1References9
Cvelist
Cvelistadded 2026/03/20 1:18 a.m.17 views

CVE-2026-32881 ewe has an Overly Permissive List of Allowed Inputs

ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...

5.3CVSS0.0009EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-35161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache...

9.1CVSS7.1AI score0.00453EPSS
Exploits0References2
OSV
OSVadded 2024/08/09 11:8 a.m.1 views

OESA-2024-1955 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for...

9.1CVSS7AI score0.00488EPSS
Exploits0References3
OSV
OSVadded 2024/07/26 10:15 a.m.1 views

DEBIAN-CVE-2024-35161

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4...

7.5CVSS7.2AI score0.00453EPSS
Exploits0References1
OSV
OSVadded 2024/07/26 10:15 a.m.0 views

UBUNTU-CVE-2024-35161

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4...

9.1CVSS5.8AI score0.00453EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/07/26 12:0 a.m.2 views

PT-2024-5230 · Apache · Apache Traffic Server

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.10 Apache Traffic Server versions 9.0.0 through 9.2.4 Description: The issue arises from Apache Traffic Server forwarding malformed HTTP chunked trailer sections to origin servers, which can be...

9.1CVSS7.6AI score0.00488EPSS
Exploits0References29
Rows per page
Query Builder