CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 php: Streams HTTP wrapper...

9.8CVSS7AI score0.0103EPSS

Exploits3References14

OSV•added 2025/02/24 6:29 p.m.•16 views

MGASA-2025-0070 Updated neomutt packages fix security vulnerabilities

The To and Cc email header fields are not protected by cryptographic signing. CVE-2024-49393 The In-reply-to email header field is not protected by cryptographic signing. CVE-2024-49394...

6.5CVSS6.7AI score0.00083EPSS

Exploits0References3

Tenable Nessus•added 2024/01/26 12:0 a.m.•33 views

RHEL 8 : nodejs:16 (RHSA-2023:1582)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1582 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

8.6CVSS7.2AI score0.00416EPSS

Exploits5References20

Tenable Nessus•added 2023/04/15 12:0 a.m.•31 views

CentOS 8 : nodejs:16 (CESA-2023:1582)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1582 advisory. - The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...

8.6CVSS7AI score0.00416EPSS

Exploits5References9

Kitploit•added 2015/11/18 9:37 p.m.•22 views

GetHead - HTTP Header Analysis Vulnerability Tool

gethead.py is a Python HTTP Header Analysis Vulnerability Tool. It identifies security vulnerabilities and the lack of protection in HTTP Headers. Usage: $ python gethead.py http://domain.com Changelog Version 0.1 - Initial Release Written in Python 2.7.5 Performs HTTP Header Analysis Reports...

7.9AI score

Exploits0References2

OSV•added 2007/07/24 12:30 a.m.•4 views

CVE-2007-3946

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.4AI score

Exploits0References18

UbuntuCve•added 2005/01/10 5:0 a.m.•22 views

CVE-2004-1095

Multiple integer overflows in 1 readbmp.c, 2 readgif.c, 3 readgif.c, 4 readmrf.c, 5 readpcx.c, 6 readpng.c,7 readpnm.c, 8 readprf.c, 9 readtiff.c, 10 readxbm.c, 11 readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be...

10CVSS6.3AI score0.20999EPSS

Exploits0References1

NVD•added 2002/07/11 4:0 a.m.•7 views

CVE-2002-0637

InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having or missing space characters in unexpected places aka "space gap", such as 1 Content-Type :", 2 "Content-Transfer-Encoding :", 3 no spac...

7.5CVSS6.7AI score0.03825EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by