Lucene search
K

2494 matches found

CVE
CVE
added 13 hours ago7 views

CVE-2026-58229

The CVE-2026-58229 issue affects the Elixir Mint HTTP client. Mint.HTTP1.decode_headers/5 and Mint.HTTP1.decode_trailer_headers/4 accumulate all parsed response headers and trailer fields into a request.headers_buffer without a cap, and decoding uses unlimited per-line/packet limits. A malicious ...

8.2CVSS6.2AI score
Exploits0References4
NVD
NVD
added 6 days ago9 views

CVE-2025-3110

OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy...

7.5CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 6 days ago21 views

CVE-2025-3110

CVE-2025-3110 affects OpenVPN Access Server 2.7.2 through 3.1.0, where the server accepts bare line-feed sequences inside HTTP header values, enabling HTTP request smuggling when deployed behind a reverse proxy. Red Hat’s advisory notes this flaw stems from unstandardized LF handling in HTTP head...

7.5CVSS6AI score0.00259EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/07 9:52 p.m.8 views

nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers

A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...

9.2CVSS7.7AI score0.03459EPSS
Exploits1References5
NVD
NVD
added 2026/07/06 9:16 a.m.9 views

CVE-2026-48205

Improper Input Validation, Server-Side Request Forgery SSRF vulnerability in Apache Camel DNS component. The camel-dns producers read DNS operation parameters - the resolver to query, the name or domain to look up, the record type and class, and the search term - from Exchange message headers who...

9.1CVSS0.0037EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 8:9 a.m.6 views

EUVD-2026-41841

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel JIRA component. The camel-jira producers read their operation parameters - the issue key, project key, transition id, summary, type, assignee, components, watchers, link type, work-log minute...

5.3CVSS6.1AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:8 a.m.33 views

CVE-2026-48205 Apache Camel DNS: The dns.* and term Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour

Improper Input Validation, Server-Side Request Forgery SSRF vulnerability in Apache Camel DNS component. The camel-dns producers read DNS operation parameters - the resolver to query, the name or domain to look up, the record type and class, and the search term - from Exchange message headers who...

0.0037EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 8:19 p.m.7 views

GHSA-JQC5-2P7Q-FQFC Hysteria: http large header with sniff cause server DoS

Summary Sending an excessively large header by an attacker could lead to a server-side DoS attack. Details The current sniff implementation does not explicitly specify the upper limit for HTTP headers. Attackers can continuously send excessively large headers without including \r\n\r\n, leading t...

7.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/06/23 9:17 p.m.16 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS0.00152EPSS
Exploits0References3
OSV
OSV
added 2026/06/20 6:54 a.m.2 views

SUSE-SU-2026:22196-1 Security update for tomcat11

This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165....

9.8CVSS6.7AI score0.01339EPSS
Exploits2References15
EUVD
EUVD
added 2026/06/12 6:35 p.m.40 views

EUVD-2026-36541

Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...

8.8CVSS5.8AI score0.00351EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 6:35 p.m.11 views

CVE-2026-12043 Heap double-free in AWS Common Runtime aws-c-http

Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...

8.8CVSS5.9AI score0.00351EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 9:5 a.m.30 views

CVE-2026-50634 Apache CXF: WS JSON request filter trusts metadata from an unvalidated first signature entry

A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...

0.00278EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Database
added 2026/06/12 12:0 a.m.16 views

SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS

The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting HTTPHeaders...

5.6AI score0.00048EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/11 3:34 p.m.7 views

SUSE-SU-2026:2374-1 Security update for tomcat11

This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165....

9.8CVSS5.6AI score0.01339EPSS
Exploits2References15
EUVD
EUVD
added 2026/06/03 1:17 p.m.15 views

EUVD-2026-34092

daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...

3.7CVSS5.8AI score0.00172EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/01 10:29 a.m.8 views

Cross-site Scripting (XSS)

Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the MessageServlet component. An attacker can inject arbitrary HTTP response headers by setting malicious JMS message...

6.1CVSS5.5AI score0.01107EPSS
Exploits1References2
NVD
NVD
added 2026/06/01 9:16 a.m.19 views

CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS0.01107EPSS
Exploits1References2
CVE
CVE
added 2026/06/01 7:23 a.m.65 views

CVE-2026-42253

CVE-2026-42253 affects Apache ActiveMQ and Apache ActiveMQ Web. The vulnerability arises in the MessageServlet of the web console API, which copies every JMS message property into HTTP response headers without validation, enabling potential HTTP header injection and cross-site scripting via JMS m...

6.1CVSS5.8AI score0.01107EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/01 7:23 a.m.10 views

CVE-2026-42253 Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

5.8AI score0.01107EPSS
Exploits1References1
Rows per page
Query Builder