Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2024/10/07 11:29 a.m.2 views

USN-7057-1 ruby-webrick vulnerability

It was discovered that WEBrick incorrectly handled having both a Content- Length header and a Transfer-Encoding header. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack...

6.8AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/11/14 12:0 a.m.2 views

PT-2023-29854 · Yt-Dlp +2 · Yt-Dlp +2

Name of the Vulnerable Software and Affected Versions: yt-dlp versions prior to 2023.11.14 Description: The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary URL, allowing the attacker to perform a Man-In-The-Middle MITM attack on th...

8.2CVSS6.8AI score0.00689EPSS
Exploits0References23
RedHat Linux
RedHat Linuxadded 2020/11/04 12:35 p.m.1 views

nodejs: HTTP request smuggling due to CR-to-Hyphen conversion

A flaw was found in Node.js, where affected Node.js versions converted carriage returns in HTTP request headers to a hyphen before parsing. This flaw leads to HTTP Request Smuggling as it is a non-standard interpretation of the header. The highest threat from this vulnerability is to...

7.4CVSS7.2AI score0.00632EPSS
Exploits0References4
Rows per page
Query Builder