Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 2026/05/05 2:0 p.m.0 views

UBUNTU-CVE-2026-6907

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...

5.3CVSS5.7AI score0.00036EPSS
Exploits0References4
NVD
NVDadded 2026/03/05 12:15 a.m.6 views

CVE-2026-2833

An HTTP request smuggling vulnerability CWE-444 was found in Pingora's handling of HTTP/1.1 connection upgrades. The issue occurs when a Pingora proxy reads a request containing an Upgrade header, causing the proxy to pass through the rest of the bytes on the connection to a backend before the...

9.3CVSS0.00018EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-1836

Malware in sbrugna...

5.3CVSS5.3AI score0.00215EPSS
Exploits0References5
Amazon
Amazonadded 2024/07/22 12:0 a.m.2 views

Medium: golang

Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

7.5CVSS7.2AI score0.01018EPSS
Exploits0
CNNVD
CNNVDadded 2024/03/18 12:0 a.m.2 views

Kossy Security Breach

Kossy is a web application framework developed by Masahiro Nagano, an individual developer in Japan. A security vulnerability exists in Kossy module version 0.60, which stems from mishandling of X-Requested-Wise, allowing an attacker to perform JSON hijacking...

9.8CVSS6.8AI score0.00088EPSS
Exploits0References3
OSV
OSVadded 2022/05/24 5:21 p.m.6 views

GHSA-XPV7-93CM-4MXV img_auth.php may leak private extension images into the public cache

In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because...

3.1CVSS4.6AI score0.00737EPSS
Exploits0References10
RedHat Linux
RedHat Linuxadded 2021/03/16 3:17 p.m.90 views

Low: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.04359EPSS
Exploits0References3
OSV
OSVadded 2019/11/26 6:15 p.m.3 views

CVE-2019-17392

Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a Forgotten Password because the HTTP Host header is mishandled...

9.8CVSS7.3AI score0.00485EPSS
Exploits0References1
OSV
OSVadded 2013/03/11 5:55 p.m.1 views

DEBIAN-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS7.1AI score0.03483EPSS
Exploits2References1
Rows per page
Query Builder