Astra Linux – Vulnerability in python-httplib2

In httplib2 before version 0.18.0, an attacker who controlled unescaped parts of the URI for httplib2.Http.request could alter request headers and the request body, and send additional hidden requests to the same server. This vulnerability affects software that uses httplib2 with URIs constructed...

EUVD-2002-1762

Malware in sbrugna...

GHSA-Q7P4-7XJV-J3WF Fabio allows HTTP clients to manipulate custom headers it adds

Summary Fabio allows clients to remove X-Forwarded headers except X-Forwarded-For due to a vulnerability in how it processes hop-by-hop headers. Fabio adds HTTP headers like X-Forwarded-Host and X-Forwarded-Port when routing requests to backend applications. Since the receiving application should...

SUSE CVE-2007-6245

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks...

CVE-2020-7460

In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...

Flash Player allows to send arbitrary HTTP headers

Overview Adobe Flash Player contains a vulnerability that could allow a remote attacker to modify HTTP headers of client requests and conduct a HTTP request splitting attack. Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed withi...

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, mbsendmail message headers modification, etc...